prevent memory overflow in compilePassOpcode #1185
Thanks! But why do we need a macro? Couldn't it be done with a function?
If we do need a macro I suggest we wrap it in do {...} while (0).
I think we need a macro if we want to leave function Maybe it's not necessary to check the index for each single character and we can avoid to introduce the macro. If I counted correctly, there's a maximum number of 7 potentially untested assignments to liblouis/liblouis/compileTranslationTable.c Line 1886 in f2251cb
with if (passIC >= MAXSTRING-6) { should also fix the issue, but I haven't tested it properly yet.
Like this?
if (!append_instruction_char(passInstructions, &passIC, pass_lookback)) return 0;
I prefer that over a macro.
I could live with this solution too, if it's explained what the "6" is, and in such a way that it's obvious the number needs to be updated when we modify
Yes, exactly.
Ok, sure. I can adapt the code accordingly. In case you prefer the repetitive checks over a single check at the beginning of the loop body, I'll change the PR that way. If you happen to have already adapted the code yourself, you can of course commit your changes as well.
I've done a first attempt with this table:
(created a new issue for this: #1215)
I've replaced the macro with a function.
Thanks.
Should I run
Yes you may do it, otherwise we'll take care of it.
liblouis/compileTranslationTable.c
if (!appendInstructionChar(file, passInstructions, &passIC, 1)) return 0; | ||
passHoldNumber = passInstructions[passIC - 1]; | ||
if (!appendInstructionChar(file, passInstructions, &passIC, 1)) | ||
return 0; /* This is not an error */ |
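Review bot: On the last line of this hunk, the comment /* This is not an error */ now trails return 0; on the failure branch of the bounds check, where it reads as saying that running out of buffer space is not an error. It presumably refers to the second, identical appendInstructionChar(..., 1) call, so put it on its own line above that call. Also, passHoldNumber = passInstructions[passIC - 1]; only reads back the value 1 that the preceding call just stored; assign the constant directly, or drop the line if the variable is not used afterwards.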
This comment is really confusing now. It should stay with the line above as in the original.
I've removed the comment, and also removed the passHoldNumber = passInstructions[passIC - 1]; line because it was not needed.
0862fc1 to 779a877
This is a proposal to fix issue #1171. To prevent writing past the CharsString memory block, I replaced all assignments to passInstructions[passIC++] with macro APPEND_INSTRUCTION_CHAR(ch) that checks the validity of index passIC before assigning a value.
The sample file used to trigger the buffer overflow in #1171 only affects pass_lookback. But since there are a couple of similar sections that append more than one character without checking the index, I adapted all of them. The "ugly" macro could be replaced by dedicated index checks to reduce the number of if statements and to speed up the code a bit, but I decided against that to avoid code bloat.
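The two approaches weighed in this thread, a per-character checked append and a single headroom check per loop iteration, side by side as an added example; this is not liblouis code. All demo_* names, the 16-element buffer and the three-stores-per-operation loop are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed names and sizes for this sketch; not liblouis definitions. */
#define DEMO_MAXSTRING 16
#define DEMO_STORES_PER_OP 3 /* must equal the stores in one loop body below */
typedef unsigned short demo_widechar;

/* Per-character check: store ch only while the index is in range. */
static int demo_append_char(demo_widechar *buf, size_t *idx, demo_widechar ch) {
	if (*idx >= DEMO_MAXSTRING) return 0;
	buf[(*idx)++] = ch;
	return 1;
}

/* Every store is checked. Returns chars written, or -1 when out of space. */
int demo_compile_checked(demo_widechar *buf, int ops) {
	size_t idx = 0;
	for (int i = 0; i < ops; i++) {
		if (!demo_append_char(buf, &idx, 1)) return -1;
		if (!demo_append_char(buf, &idx, (demo_widechar)(i >> 8))) return -1;
		if (!demo_append_char(buf, &idx, (demo_widechar)(i & 0xff))) return -1;
	}
	return (int)idx;
}

/* One headroom check per iteration, then unchecked stores. Safe only while
 * DEMO_STORES_PER_OP matches the number of stores that follow the check. */
int demo_compile_headroom(demo_widechar *buf, int ops) {
	size_t idx = 0;
	for (int i = 0; i < ops; i++) {
		if (idx + DEMO_STORES_PER_OP > DEMO_MAXSTRING) return -1;
		buf[idx++] = 1;
		buf[idx++] = (demo_widechar)(i >> 8);
		buf[idx++] = (demo_widechar)(i & 0xff);
	}
	return (int)idx;
}

int main(void) {
	demo_widechar buf[DEMO_MAXSTRING];
	/* Constructed input: 5 ops fit (15 chars), 6 ops would need 18. */
	printf("checked:  %d %d\n", demo_compile_checked(buf, 5), demo_compile_checked(buf, 6));
	printf("headroom: %d %d\n", demo_compile_headroom(buf, 5), demo_compile_headroom(buf, 6));
	return 0;
}
```

The headroom variant saves branches but silently becomes unsafe if a fourth store is added to the loop body without updating DEMO_STORES_PER_OP, which is the maintenance concern raised about the bare "6".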