@@ -1,6 +1,7 @@ == * Bug Fixes * Fix bignum encoding + * Prevent stack overflow for massive binaries in c decoder == 1.1.0 / 2009-10-08 * Minor Improvements History.txt @@ -97,7 +97,7 @@ VALUE read_large_tuple(unsigned char **pData) { rb_raise(rb_eStandardError, "Invalid Type, not a large tuple"); } - int arity = read_4(pData); + unsigned int arity = read_4(pData); VALUE array = rb_ary_new2(arity); @@ -114,7 +114,7 @@ VALUE read_list(unsigned char **pData) { rb_raise(rb_eStandardError, "Invalid Type, not an erlang list"); } - int size = read_4(pData); + unsigned int size = read_4(pData); VALUE newref_class = rb_const_get(mErlectricity, rb_intern("List")); VALUE array = rb_funcall(newref_class, rb_intern("new"), 1, INT2NUM(size)); @@ -131,7 +131,7 @@ VALUE read_list(unsigned char **pData) { // primitives -void read_string_raw(unsigned char *dest, unsigned char **pData, int length) { +void read_string_raw(unsigned char *dest, unsigned char **pData, unsigned int length) { memcpy((char *) dest, (char *) *pData, length); *(dest + length) = (unsigned char) 0; *pData += length; @@ -142,12 +142,12 @@ VALUE read_bin(unsigned char **pData) { rb_raise(rb_eStandardError, "Invalid Type, not an erlang binary"); } - int length = read_4(pData); + unsigned int length = read_4(pData); - unsigned char buf[length + 1]; - read_string_raw(buf, pData, length); + VALUE rStr = rb_str_new((char *) *pData, length); + *pData += length; - return rb_str_new((char *) buf, length); + return rStr; } VALUE read_string(unsigned char **pData) { ext/decoder.c @@ -127,6 +127,11 @@ context "When unpacking from a binary stream" do get("f").should == :f end + specify "massive binaries should not overflow the stack" do + bin = [131,109,0,128,0,0].pack('c*') + ('a' * (8 * 1024 * 1024)) + assert_equal (8 * 1024 * 1024), Erlectricity::Decoder.decode(bin).size + end + specify "a good thing should be awesome" do get(%Q-[{options,{struct,[{test,<<"I'm chargin' mah lazer">>}]}},{passage,<<"Why doesn't this work?">>}]-).should == [[:options, [:struct, [[:test, "I'm chargin' mah lazer"]]]], [:passage, "Why doesn't this work?"]] test/decode_spec.rb 9257ecc222ba5e489ced8d40c6190a4d1aea2826 Tom Preston-Werner tom@mojombo.com http://github.com/mojombo/erlectricity/commit/b3dee26c8738a2ed821d8097c54f8fcda0c50cf5 b3dee26c8738a2ed821d8097c54f8fcda0c50cf5 2009-10-28T12:34:41-07:00 2009-10-28T12:34:41-07:00 prevent stack overflow for massive binaries in c decoder e421b83c3039043e1fa770d9250d3763fc5b78e0 Tom Preston-Werner tom@mojombo.com