Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix crash in syck_emit on platforms with long long pointers #9

Merged
merged 1 commit into from
Dec 11, 2014
Merged

Fix crash in syck_emit on platforms with long long pointers #9

merged 1 commit into from
Dec 11, 2014

Conversation

dougwilson
Copy link

This fixes RT#83879. Strawberry Perl uses the 32-bit version of MinGW, so MINGW64 is not defined. This replaces the pointer typedefs with uintptr_t from stdint.h. Another crash came from the fact that syck_emit had st_lookup write a long long to the long x which caused part of the parent pointer to be overwritten when a reference was being emitted. The x variable wasn't actually being used for anything, so I removed it. All tests are now passing on Windows 64-bit.

@shawnlaffan
Copy link

This approach works on my system (strawberry perls 5.16.3 and 5.20.1).

It would be very useful if this were implemented.

Thanks,
Shawn.

toddr added a commit that referenced this pull request Dec 11, 2014
Fix crash in syck_emit on platforms with long long pointers
@toddr toddr merged commit 42420ca into cpan-authors:master Dec 11, 2014
@dougwilson
Copy link
Author

mmmm 🌴

rurban added a commit to rurban/YAML-Syck that referenced this pull request Feb 21, 2017
you cannot check is_utf8_string with an empty string, as len=0
will call strlen then, which is invalid on empty strings.

==67523==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60b0000155a4 at pc 0x0001009f67a2 bp 0x7fff5fbfe110 sp 0x7fff5fbfd8d0
READ of size 101 at 0x60b0000155a4 thread T0
    #0 0x1009f67a1 in wrap_strlen (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0xf7a1)
    cpan-authors#1 0x1041549e0 in Perl_is_utf8_string /usr/local/lib/cperl/5.25.3/darwin-debug-asan@/CORE/inline.h:437:45
    cpan-authors#2 0x104153e59 in json_syck_parser_handler /Users/rurban/Perl/YAML-Syck/./perl_syck.h:176:21
    cpan-authors#3 0x10414a7a4 in syck_hdlr_add_node /Users/rurban/Perl/YAML-Syck/handler.c:19:17
    cpan-authors#4 0x104148077 in syckparse /Users/rurban/Perl/YAML-Syck/gram.y:58:43
    cpan-authors#5 0x104172011 in syck_parse /Users/rurban/Perl/YAML-Syck/syck_.c:492:5
    cpan-authors#6 0x10416c6fc in LoadJSON /Users/rurban/Perl/YAML-Syck/./perl_syck.h:788:13
    cpan-authors#7 0x10416c6fc in XS_YAML__Syck_LoadJSON /Users/rurban/Perl/YAML-Syck/Syck.c:258
    cpan-authors#8 0x100318f74 in Perl_pp_enterxssub (/usr/local/bin/cperl5.25.3d-nt-asan+0x100318f74)
    cpan-authors#9 0x1002698e3 in Perl_runops_debug (/usr/local/bin/cperl5.25.3d-nt-asan+0x1002698e3)
    cpan-authors#10 0x10009da88 in perl_run (/usr/local/bin/cperl5.25.3d-nt-asan+0x10009da88)
    cpan-authors#11 0x100000fec  (/usr/local/bin/cperl5.25.3d-nt-asan+0x100000fec)
    cpan-authors#12 0x7fff8171a5ac  (/usr/lib/system/libdyld.dylib+0x35ac)

0x60b0000155a4 is located 0 bytes to the right of 100-byte region [0x60b000015540,0x60b0000155a4)
allocated by thread T0 here:
    #0 0x100a3b485 in wrap_malloc (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0x54485)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/opt/local/libexec/llvm-3.9/lib/libclang_rt.asan_osx_dynamic.dylib+0xf7a1) in wrap_strlen
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants