Fixing RT #41141 -- handling carriage return after c-indicator. #12
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
My unit tests kinda sucked. Updated. |
rurban
added a commit
to rurban/YAML-Syck
that referenced
this pull request
Feb 21, 2017
you cannot check is_utf8_string with an empty string, as len=0
will call strlen then, which is invalid on empty strings.
==67523==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60b0000155a4 at pc 0x0001009f67a2 bp 0x7fff5fbfe110 sp 0x7fff5fbfd8d0
READ of size 101 at 0x60b0000155a4 thread T0
#0 0x1009f67a1 in wrap_strlen (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0xf7a1)
cpan-authors#1 0x1041549e0 in Perl_is_utf8_string /usr/local/lib/cperl/5.25.3/darwin-debug-asan@/CORE/inline.h:437:45
cpan-authors#2 0x104153e59 in json_syck_parser_handler /Users/rurban/Perl/YAML-Syck/./perl_syck.h:176:21
cpan-authors#3 0x10414a7a4 in syck_hdlr_add_node /Users/rurban/Perl/YAML-Syck/handler.c:19:17
cpan-authors#4 0x104148077 in syckparse /Users/rurban/Perl/YAML-Syck/gram.y:58:43
cpan-authors#5 0x104172011 in syck_parse /Users/rurban/Perl/YAML-Syck/syck_.c:492:5
cpan-authors#6 0x10416c6fc in LoadJSON /Users/rurban/Perl/YAML-Syck/./perl_syck.h:788:13
cpan-authors#7 0x10416c6fc in XS_YAML__Syck_LoadJSON /Users/rurban/Perl/YAML-Syck/Syck.c:258
cpan-authors#8 0x100318f74 in Perl_pp_enterxssub (/usr/local/bin/cperl5.25.3d-nt-asan+0x100318f74)
cpan-authors#9 0x1002698e3 in Perl_runops_debug (/usr/local/bin/cperl5.25.3d-nt-asan+0x1002698e3)
cpan-authors#10 0x10009da88 in perl_run (/usr/local/bin/cperl5.25.3d-nt-asan+0x10009da88)
cpan-authors#11 0x100000fec (/usr/local/bin/cperl5.25.3d-nt-asan+0x100000fec)
cpan-authors#12 0x7fff8171a5ac (/usr/lib/system/libdyld.dylib+0x35ac)
0x60b0000155a4 is located 0 bytes to the right of 100-byte region [0x60b000015540,0x60b0000155a4)
allocated by thread T0 here:
#0 0x100a3b485 in wrap_malloc (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0x54485)
SUMMARY: AddressSanitizer: heap-buffer-overflow (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0xf7a1) in wrap_strlen
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a fix for https://rt.cpan.org/Public/Bug/Display.html?id=41141, which I ran into at work today. Basically
produced some invalid YAML, which took down my daemons when I tried decoding the data later.
Let me know if I did something wrong (I skimmed through http://yaml.org/spec/1.2/spec.html, but I'm hardly an expert), or if there's something more you need me to do before accepting the pull request.
Cheers!