[Guile-commits] branch master updated: Fix buffer overread in string-loc

guile-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Guile-commits] branch master updated: Fix buffer overread in string-loc

From:	Andy Wingo
Subject:	[Guile-commits] branch master updated: Fix buffer overread in string-locale-ci=? and related functions
Date:	Mon, 15 Mar 2021 16:25:21 -0400

This is an automated email from the git hooks/post-receive script.

wingo pushed a commit to branch master
in repository guile.

The following commit(s) were added to refs/heads/master by this push:
     new d87b57a  Fix buffer overread in string-locale-ci=? and related 
functions
d87b57a is described below

commit d87b57a00bb8f755fdca46d10c9d411d48efa1e9
Author: Andy Wingo <wingo@pobox.com>
AuthorDate: Mon Mar 15 21:23:43 2021 +0100

    Fix buffer overread in string-locale-ci=? and related functions
    
    * libguile/i18n.c (u32_locale_casecoll): Take lengths of incoming
    strings as parameters rather than assuming "nul" termination.
    (compare_u32_strings_ci): Pass string lengths as computed from the
    Scheme strings.
    * test-suite/tests/i18n.test ("text collation (English)"): Add a test
    case.
    
    Thanks a million to Rob Browning for the report.
---
 libguile/i18n.c            | 20 +++++++++++---------
 test-suite/tests/i18n.test | 10 +++++++---
 2 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/libguile/i18n.c b/libguile/i18n.c
index fc47fdf..cc4ef73 100644
--- a/libguile/i18n.c
+++ b/libguile/i18n.c
@@ -833,9 +833,8 @@ locale_language ()
 }
 
 static inline int
-u32_locale_casecoll (const char *func_name, const uint32_t *c_s1,
-                     const uint32_t *c_s2,
-                    int *result)
+u32_locale_casecoll (const char *func_name, const uint32_t *c_s1, size_t 
s1_len,
+                     const uint32_t *c_s2, size_t s2_len, int *result)
 {
   /* Note: Since this is called from `RUN_IN_LOCALE_SECTION', it must note
      make any non-local exit.  */
@@ -843,8 +842,8 @@ u32_locale_casecoll (const char *func_name, const uint32_t 
*c_s1,
   int ret;
   const char *loc = locale_language ();
 
-  ret = u32_casecoll (c_s1, u32_strlen (c_s1),
-                      c_s2, u32_strlen (c_s2),
+  ret = u32_casecoll (c_s1, s1_len,
+                      c_s2, s2_len,
                       loc, UNINORM_NFC, result);
 
   return ret == 0 ? ret : errno;
@@ -860,6 +859,9 @@ compare_u32_strings_ci (SCM s1, SCM s2, SCM locale, const 
char *func_name)
   int c_s1_malloc_p, c_s2_malloc_p;
   SCM_VALIDATE_OPTIONAL_LOCALE_COPY (3, locale, c_locale);
 
+  size_t s1_len = scm_i_string_length (s1);
+  size_t s2_len = scm_i_string_length (s2);
+
   SCM_STRING_TO_U32_BUF (s1, c_s1, c_s1_malloc_p);
   SCM_STRING_TO_U32_BUF (s2, c_s2, c_s2_malloc_p);
 
@@ -867,13 +869,13 @@ compare_u32_strings_ci (SCM s1, SCM s2, SCM locale, const 
char *func_name)
     RUN_IN_LOCALE_SECTION
       (c_locale,
        ret = u32_locale_casecoll (func_name,
-                                 (const uint32_t *) c_s1,
-                                 (const uint32_t *) c_s2,
+                                 (const uint32_t *) c_s1, s1_len,
+                                 (const uint32_t *) c_s2, s2_len,
                                  &result));
   else
     ret = u32_locale_casecoll (func_name,
-                              (const uint32_t *) c_s1,
-                              (const uint32_t *) c_s2,
+                              (const uint32_t *) c_s1, s1_len,
+                              (const uint32_t *) c_s2, s2_len,
                               &result);
 
   SCM_CLEANUP_U32_BUF(c_s1, c_s1_malloc_p);
diff --git a/test-suite/tests/i18n.test b/test-suite/tests/i18n.test
index 427aef4..f288da0 100644
--- a/test-suite/tests/i18n.test
+++ b/test-suite/tests/i18n.test
@@ -1,8 +1,7 @@
 ;;;; i18n.test --- Exercise the i18n API.  -*- coding: utf-8; mode: scheme; -*-
 ;;;;
-;;;; Copyright (C) 2006, 2007, 2009, 2010, 2011, 2012,
-;;;;   2013, 2014, 2015, 2016, 2017, 2018 Free Software Foundation, Inc.
-;;;; Ludovic Courtès
+;;;; Copyright (C) 2006-2007,2009-2019,2021 Free Software Foundation, Inc.
+;;;; Author: Ludovic Courtès
 ;;;;
 ;;;; This library is free software; you can redistribute it and/or
 ;;;; modify it under the terms of the GNU Lesser General Public
@@ -75,6 +74,11 @@
          (string-locale-ci=? "Hello" "HELLO"
                              (make-locale (list LC_COLLATE) "C"))))
 
+  (pass-if "string-locale-ci=?, bis"
+    (let* ((strings (list "⇒a" "⇒b"))
+           (heads (map (lambda (s) (substring/shared s 0 1)) strings)))
+      (apply string-locale-ci=? heads)))
+
   (pass-if "string-locale-ci<?"
     (and (string-locale-ci<? "hello" "WORLD")
          (string-locale-ci<? "hello" "WORLD"

[Prev in Thread]

Current Thread

[Next in Thread]

[Guile-commits] branch master updated: Fix buffer overread in string-locale-ci=? and related functions, Andy Wingo <=

Prev by Date: [Guile-commits] branch master updated: Add JIT capability for MinGW
Next by Date: [Guile-commits] 02/02: Fix buffer overread in string-locale<?
Previous by thread: [Guile-commits] branch master updated: Add JIT capability for MinGW
Next by thread: [Guile-commits] branch master updated (d87b57a -> 72bf9d9)
Index(es):
- Date
- Thread