Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

String.is_null_terminated assumes _size < _alloc #1425

Closed
Perelandric opened this issue Nov 18, 2016 · 0 comments
Closed

String.is_null_terminated assumes _size < _alloc #1425

Perelandric opened this issue Nov 18, 2016 · 0 comments

Comments

@Perelandric
Copy link
Contributor

The current implementation of String.is_null_terminated is:

(_alloc > 0) and (_ptr._apply(_size) == 0)

This would seem to point into arbitrary memory when _alloc and _size are the same (in other words, when the String is not null terminated).

let s = String.from_iso_array(recover ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h'] end)

env.out.print("is null terminated? (should be false!) " + s.is_null_terminated().string())

is null terminated? (should be false!) true
@Perelandric Perelandric mentioned this issue Nov 19, 2016
Merged
jemc pushed a commit that referenced this issue Nov 23, 2016
@Perelandric @jemc
Fix is_null_terminated reading arbitrary memory (issue #1425) (#1429)
c54d46f 
When `_alloc` is equal to `_size`, the `is_null_terminated` method will
point to arbitrary memory when checking for the `0` byte. This PR makes
that method first check that `_alloc != _size` before reading the
`_size` byte of the `Pointer[U8]`.

Fixes #1425
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Perelandric