Issue 40 in open-vcdiff: encoder crashes with NULL source and 0 source length

Skip to first unread message

Sep 17, 2013, 11:26:07 AM9/17/13
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 40 by encoder crashes with NULL source and
0 source length

What steps will reproduce the problem?
1. Attempt to encode with source NULL
open_vcdiff::VCDiffEncoder enc(NULL, 0)

You get a segfault.

The problem is in BlockHash::AddAllBlocksThroughIndex
Specifically, these lines of code cause a problem:

int last_legal_hash_index = static_cast<int>(source_size() - kBlockSize);
if (end_limit > last_legal_hash_index) {
end_limit = last_legal_hash_index + 1;
const char* block_ptr = source_data() + NextIndexToAdd();
const char* const end_ptr = source_data() + end_limit;

At this point, block_ptr has the value 0, end_ptr has the bit pattern for

But since these are pointers, and on linux these are unsigned objects, the
next line

while (block_ptr < end_ptr) {

executes which results in a null pointer reference.

Note that if the source length == 0 but the source pointer is something >
16, everything is OK. The simplest fix is probably to just bail out early
if the source data size is 0.

This is in version 0.8.3, on linux.

You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:

Sep 18, 2013, 12:44:00 PM9/18/13
Status: Accepted
Labels: OpSys-Linux Component-Logic

Comment #1 on issue 40 by encoder crashes with NULL
Thanks much for reporting the problem! Your proposed fix will be included
in the next release of open-vcdiff.
Reply all
Reply to author
0 new messages