Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Issue 13367 - Buffer overflow when setting PATH #2459

Merged
merged 1 commit into from
Aug 25, 2014
Merged

Fix Issue 13367 - Buffer overflow when setting PATH #2459

merged 1 commit into from
Aug 25, 2014

Conversation

denis-sh
Copy link
Contributor

@denis-sh denis-sh mentioned this pull request Aug 24, 2014
Merged
@denis-sh
Copy link
Contributor Author

So yes, I failed to copy-paste-modify code from my allocators to the pull and reviewers failed to see the mistake.

@DmitryOlshansky
Copy link
Member

This tells me, aside from the fact that I must be blind, that there has to be more tests.
In particular all string widths and lengths both below and beyond the limit.

For instance this fails for me consistently, with any length:

mport std.internal.cstring;
import core.stdc.string;

alias Seq(T...) = T;

void main()
{
    foreach(i, T; Seq!(string, wstring, dstring))
    {
        T v = "Кукарача";
        foreach(_; 0..2)
            v ~= v;

        auto t = v.tempCString();
        foreach(j; 0..v.length)
            assert(t.ptr[j] == v[j], "bug in "~T.stringof);
    }
}

UPDATE: fixed a typo, LOL.

@denis-sh
Copy link
Contributor Author

For instance this fails for me consistently, with any length:

The test is incorrect. It should call v.tempCString!C() where C is typeof(cast() T.init[0]).

@DmitryOlshansky
Copy link
Member

@denis-sh That's better. Now the following hits access violation with old version. I guess it would work with your patch.

import std.internal.cstring;
import core.stdc.string;

alias Seq(T...) = T;

void main(){
    foreach(i, T; Seq!(string, wstring, dstring))
    {
        T v = "Кукорача";
        foreach(_; 0..10)
            v ~= v;

        auto t = v.tempCString!(typeof(cast()T.init[0]));
        foreach(j; 0..v.length)
            assert(t.ptr[j] == v[j], "bug in "~T.stringof);
    }
}

@DmitryOlshansky
Copy link
Member

Wouldn't it make more sense to have default character type to be that of passed string unless explicitly provided?

@denis-sh
Copy link
Contributor Author

Wouldn't it make more sense to have default character type to be that of passed string unless explicitly provided?

C function is generally not templated, so API is designed with this case in mind:

void setEnvironment(C)(in C[] name, in C[] value)
if(isSomeChar!C)
{ enforce(setenv(name.tempCString(), value.tempCString(), 1) != -1); }

@DmitryOlshansky
Copy link
Member

Makes sense. Then please integrate tests for this bug and it should be ready to go.

@denis-sh denis-sh force-pushed the fix-temp-c-string-allocation branch from 9fff246 to 46d0e01 Compare August 25, 2014 07:40
@denis-sh
Copy link
Contributor Author

Added unittest for the issue.

@DmitryOlshansky
Copy link
Member

Auto-merge toggled on

DmitryOlshansky added a commit that referenced this pull request Aug 25, 2014
@DmitryOlshansky
Merge pull request #2459 from denis-sh/fix-temp-c-string-allocation
2d7bcea 
Fix Issue 13367 - Buffer overflow when setting PATH
@DmitryOlshansky DmitryOlshansky merged commit 2d7bcea into dlang:master Aug 25, 2014
@DmitryOlshansky
Copy link
Member

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@denis-sh @DmitryOlshansky