Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix bug in u_read() #488

Merged
merged 1 commit into from
Oct 28, 2024
Merged

Fix bug in u_read() #488

merged 1 commit into from
Oct 28, 2024

Conversation

Don-Ward
Copy link
Collaborator

It was possible to overrun the strings region leading to corruption of memory. The new code checks for overrun and allocates a new buffer if it would occur.

@Don-Ward Don-Ward requested a review from Jafaral October 26, 2024 09:38
Jafaral
Jafaral requested changes Oct 27, 2024
View reviewed changes
src/runtime/rposix.r Outdated
Comment on lines 2456 to 2457
int newsize = StrLen(*d) + bufsize;
if ( strfree < (StrLoc(*d) + newsize)) {
Copy link
Member

@Jafaral Jafaral Oct 27, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest a slight optimization by not doing the work unless we actually need to, since in the vast majority of cases we wont be using newsize:

           if  (strend-strfree < bufsize)  {
                           int newsize = StrLen(*d) + bufsize;

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Of course you can just skip newsize altogether and just do

char *newb = alcstr(NULL, StrLen(*d) + bufsize );

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, will do. I suspect that any self respecting compiler will emit almost the same code for either alternative, but it's probably better not to give the compiler the opportunity to not optimise it.
In other places, I've noticed we use

if (Diffptrs(strend,strfree) < bufsize)

so I've gone with that for consistency.

@Don-Ward
Fix bug in u_read()
1842481 
It was possible to overrun the strings region leading to corruption of memory.
The new code checks for overrun and allocates a new buffer if it would occur.
@Jafaral Jafaral merged commit a543033 into uniconproject:master Oct 28, 2024
20 checks passed
@Don-Ward Don-Ward deleted the u_read-bug branch October 28, 2024 08:58
ValG4 pushed a commit to ValG4/unicon that referenced this pull request Dec 7, 2024
@Jafaral
Merge pull request uniconproject#488 from Don-Ward/u_read-bug
f6dee62 
Fix bug in u_read()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jafaral Jafaral Jafaral approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Don-Ward @Jafaral