Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fileapi fgets b110119937 #1042

Merged
merged 2 commits into from Jun 15, 2018
Merged

Fileapi fgets b110119937 #1042

merged 2 commits into from Jun 15, 2018

Conversation

schwehr
Copy link
Member

@schwehr schwehr commented Jun 13, 2018

Do not scan past the end of the read data in pj_ctx_fgets

use-of-uninitialized-value third_party/proj4/proj/src/pj_fileapi.c:pj_ctx_fgets

Found with autofuzz msan

@schwehr
Copy link
Member Author

schwehr commented Jun 13, 2018

Fixing:

../../src/pj_fileapi.c:202:20: error: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'int' [-Werror,-Wshorten-64-to-32]
    max_size = MIN(bytes_read, (size_t)(size > 2 ? size - 2 : 0));
             ~     ^~~~~~~~~~

@kbevers
Copy link
Member

kbevers commented Jun 15, 2018

Looks good to me. Do you mind squashing the last two commits to one before I merge? We should try to have as few commits in the history that breaks the build.

@mloskot
Copy link
Member

mloskot commented Jun 15, 2018

👍 squash squash :)

@schwehr
Copy link
Member Author

schwehr commented Jun 15, 2018

Will do on the squashing... now to find a block of time longer than 2 minutes

@schwehr
Do not scan past the end of the read data in pj_ctx_fgets
d35a698 
use-of-uninitialized-value third_party/proj4/proj/src/pj_fileapi.c:pj_ctx_fgets

Found with autofuzz msan
@schwehr
Copy link
Member Author

schwehr commented Jun 15, 2018

3 became 2

@mloskot
Copy link
Member

mloskot commented Jun 15, 2018
edited

(off topic)
@schwehr Before kids, 30 min free slot wasn't worth booting my laptop. With kids, 10-15 min breaks can make wonders - https://github.com/mloskot/qt-creator-plugin-boostbuild/blob/master/README.md#why-boostbuild-plugin-for-qt-creator

kid napping, laptop warming laps while sat next to cot bed :)

@kbevers kbevers merged commit 6b77f5f into OSGeo:master Jun 15, 2018
@kbevers kbevers added this to the 5.2.0 milestone Jun 18, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
5.2.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@schwehr @kbevers @mloskot