Issue 40 in open-vcdiff: encoder crashes with NULL source and 0 source length


open-...@googlecode.com

Sep 17, 2013, 11:26:07 AM
to open-...@googlegroups.com
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 40 by rashapir...@gmail.com: encoder crashes with NULL source and 0 source length
http://code.google.com/p/open-vcdiff/issues/detail?id=40

What steps will reproduce the problem?
1. Attempt to encode with source NULL
open_vcdiff::VCDiffEncoder enc(NULL, 0)

You get a segfault.

The problem is in BlockHash::AddAllBlocksThroughIndex
Specifically, these lines of code cause a problem:

int last_legal_hash_index = static_cast<int>(source_size() - kBlockSize);
if (end_limit > last_legal_hash_index) {
end_limit = last_legal_hash_index + 1;
}
const char* block_ptr = source_data() + NextIndexToAdd();
const char* const end_ptr = source_data() + end_limit;

At this point, block_ptr has the value 0, end_ptr has the bit pattern for -15.

But since these are pointers, and on Linux these are unsigned objects, the next line

while (block_ptr < end_ptr) {

executes, which results in a null pointer reference.

Note that if the source length == 0 but the source pointer is something > 16, everything is OK. The simplest fix is probably to just bail out early if the source data size is 0.

This is in version 0.8.3, on Linux.



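A compact model of the faulty bounds arithmetic described in the report, beside the early-bailout fix it proposes, as an added example that is not open-vcdiff's own code. `ScanOriginal`, `BlocksToHashFixed` and the struct fields are assumed names, and the original's pointer comparison is modelled with `uintptr_t` so it can be evaluated without dereferencing anything.

```cpp
#include <cstddef>
#include <cstdint>

// Constructed model of the bounds arithmetic in
// BlockHash::AddAllBlocksThroughIndex; not the open-vcdiff source.
static const int kBlockSize = 16;
struct ScanResult {
  int last_legal_hash_index;  // value the original subtraction produces
  bool loop_would_run;        // whether "block_ptr < end_ptr" holds
};

// Original arithmetic: source_size is unsigned, so for source_size < kBlockSize
// the subtraction wraps and the int cast yields a negative index. Pointers are
// modelled as uintptr_t (unsigned addresses) so nothing is dereferenced.
ScanResult ScanOriginal(const char* source_data, size_t source_size,
                        int end_limit, int next_index_to_add) {
  ScanResult r;
  r.last_legal_hash_index = static_cast<int>(source_size - kBlockSize);
  if (end_limit > r.last_legal_hash_index) {
    end_limit = r.last_legal_hash_index + 1;  // e.g. -15 for an empty source
  }
  uintptr_t base = reinterpret_cast<uintptr_t>(source_data);
  uintptr_t block_ptr = base + next_index_to_add;
  uintptr_t end_ptr = base + end_limit;  // NULL + (-15) wraps to a huge address
  r.loop_would_run = block_ptr < end_ptr;  // true for NULL, false for base >= 15
  return r;
}

// Hardened form: bail out before the subtraction whenever the source cannot
// hold even one block, so no negative index or out-of-range pointer is formed.
// Returns the number of block positions the hashing loop visits.
int BlocksToHashFixed(const char* source_data, size_t source_size,
                      int end_limit, int next_index_to_add) {
  if (source_data == nullptr || source_size < static_cast<size_t>(kBlockSize)) {
    return 0;
  }
  int last_legal_hash_index = static_cast<int>(source_size - kBlockSize);
  if (end_limit > last_legal_hash_index) {
    end_limit = last_legal_hash_index + 1;
  }
  const char* block_ptr = source_data + next_index_to_add;
  const char* const end_ptr = source_data + end_limit;
  int blocks = 0;
  while (block_ptr < end_ptr) {  // same loop shape as the original
    ++blocks;
    ++block_ptr;
  }
  return blocks;
}
```

The non-null address case (source pointer above 15 with size 0) shows why the reporter saw no crash there: the wrapped end pointer lands just below the base, so the loop never runs.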

open-...@googlecode.com

Sep 18, 2013, 12:44:00 PM
to open-...@googlegroups.com
Updates:
Status: Accepted
Labels: OpSys-Linux Component-Logic

Comment #1 on issue 40 by openvcd...@gmail.com: encoder crashes with NULL source and 0 source length
Thanks much for reporting the problem! Your proposed fix will be included in the next release of open-vcdiff.