From 2cf0f4853ac23d85976862434ab5ae0cabbf091d Mon Sep 17 00:00:00 2001 From: Ryan Lortie Date: Thu, 28 Aug 2008 23:03:24 +0000 Subject: [PATCH] =?utf8?q?[REVERT]=20Bug=20548612=20=E2=80=93=20g=5Fstrstr?= =?utf8?q?=5Flen()=20should=20use=20memmem=20when=20available?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit 2008-08-28 Ryan Lortie [REVERT] Bug 548612 – g_strstr_len() should use memmem when available * glib/gstrfuncs.c (g_strstr_len): fix off-by-one memory access error * glib/tests/strfuncs.c (test_bounds): add some new test cases that would catch problems like this * glib/tests/4096-random-bytes: test data for the previous * glib/tests/Makefile.am: add previous to EXTRA_DIST svn path=/trunk/; revision=7414 --- ChangeLog | 10 +++ glib/gstrfuncs.c | 2 +- glib/tests/4096-random-bytes | 45 +++++++++++++ glib/tests/Makefile.am | 3 + glib/tests/strfuncs.c | 155 +++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 glib/tests/4096-random-bytes diff --git a/ChangeLog b/ChangeLog index 2cd33a4..628e792 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,16 @@ [REVERT] Bug 548612 – g_strstr_len() should use memmem when available + * glib/gstrfuncs.c (g_strstr_len): fix off-by-one memory access error + * glib/tests/strfuncs.c (test_bounds): add some new test cases that + would catch problems like this + * glib/tests/4096-random-bytes: test data for the previous + * glib/tests/Makefile.am: add previous to EXTRA_DIST + +2008-08-28 Ryan Lortie + + [REVERT] Bug 548612 – g_strstr_len() should use memmem when available + * configure.in: * glib/gstrfuncs.c (g_strstr_len): revert use of memmem (see bug) diff --git a/glib/gstrfuncs.c b/glib/gstrfuncs.c index 85aec69..f45bbf7 100644 --- a/glib/gstrfuncs.c +++ b/glib/gstrfuncs.c @@ -2615,7 +2615,7 @@ g_strstr_len (const gchar *haystack, end = haystack + haystack_len - needle_len; - while (*p && p <= end) + while (p <= end && *p) { for (i = 0; i < needle_len; i++) if (p[i] != needle[i]) diff --git a/glib/tests/4096-random-bytes b/glib/tests/4096-random-bytes new file mode 100644 index 0000000..3e7a7db --- /dev/null +++ b/glib/tests/4096-random-bytes @@ -0,0 +1,45 @@ +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMXOxdolodx0WMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWMMMMMMMMMMMMMMMMMM0l' :NMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM0c. .:KMMMMMMMMMMMWd. ,MMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMN, XMMMMMMMMMk. .MMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM' oMMMMMMMMc oMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMNklclkWMMMMMM0 lMMMMMMMc ;MMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMW: .XMMMMMk OMMMMMMx ;WMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMc 'MMMMMK .MMMMMMW. dMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMM. KMMMMM' 0MMMMMM0 ,KMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMM: OMMMMMK OMMMMMMM0 .OMMMMMMMMMMMMMMMM +MMMMMMMMMMMMW0kONMMMMMK KMMMMMMX, ,KMMMMMMMMW. ,kMMMMMMMMMMMMMMMMMM +MMMMMMMMMMWc lWMMMMO .MMMMMMMMMKxxXMMMMMMMMMMM0. .lXMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMM; 'WMMMMN: 0MMMMMMMMMMMMMMMMMMMMMMMMMNl'. ..:xXMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMM. oMMMMMMXdldNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMx .MMMMMMMMMMMMMMMMMMMMMMMWXK0OkkkkkkO0XNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMx NMMMMMMMMMMMMMMWKko:'. .;d0WMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMK, .MMMMMMMMMMW0o;. :KMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMXo;';KMMMMMMMKo' cMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMXl. xMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMk' :MMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMO. dMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMWc ,WMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMN. cWMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMW' '0MMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMd :KMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMM. 'dNMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMM 'oXMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMM. ,xNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMM; .:kNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMO .l0MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMM, :KMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMN. oNMMMMMMMMMMMMMXkoc:,,,,:lOWMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMX. .XMMMMMMMMMMMM0:. .XMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMN. xMMMMMMMMMMMM0 OMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMWc 'NMMMMMMMMMMMO 'WMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMO. .kMMMMMMMMMMc .XMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMWl .l0WMMMW0; .KMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMNl ... ;NMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMWd. .OMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMM0c. 'xWMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM0l. .cKMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNOo;. .;dKMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMNKOxxdddkOXWMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM +MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM. diff --git a/glib/tests/Makefile.am b/glib/tests/Makefile.am index 315cbb3..8e2195f 100644 --- a/glib/tests/Makefile.am +++ b/glib/tests/Makefile.am @@ -41,3 +41,6 @@ check-am: gtester-xmllint-check CLEANFILES = \ tmpsample.xml + +EXTRA_DIST += \ + 4096-random-bytes diff --git a/glib/tests/strfuncs.c b/glib/tests/strfuncs.c index a6a5f7f..30b58c4 100644 --- a/glib/tests/strfuncs.c +++ b/glib/tests/strfuncs.c @@ -1048,6 +1048,160 @@ test_strtoll (void) check_int64 ("-001", "", 10, -1, 0); } +static void +test_bounds (void) +{ + GMappedFile *file, *before, *after; + char buffer[4097]; + char *tmp, *tmp2; + char **array; + char *string; + + /* if we allocate the file between two others and then free those + * other two, then hopefully we end up with unmapped memory on either + * side. + */ + before = g_mapped_file_new ("4096-random-bytes", TRUE, NULL); + file = g_mapped_file_new ("4096-random-bytes", TRUE, NULL); + after = g_mapped_file_new ("4096-random-bytes", TRUE, NULL); + g_mapped_file_free (before); + g_mapped_file_free (after); + + g_assert (file != NULL); + g_assert_cmpint (g_mapped_file_get_length (file), ==, 4096); + string = g_mapped_file_get_contents (file); + + /* ensure they're all non-nul */ + g_assert (memchr (string, '\0', 4096) == NULL); + + /* test set 1: ensure that nothing goes past its maximum length, even in + * light of a missing nul terminator. + * + * we try to test all of the 'n' functions here. + */ + tmp = g_strndup (string, 4096); + g_assert_cmpint (strlen (tmp), ==, 4096); + g_free (tmp); + + /* found no bugs in gnome, i hope :) */ + g_assert (g_strstr_len (string, 4096, "BUGS") == NULL); + g_strstr_len (string, 4096, "B"); + g_strstr_len (string, 4096, "."); + g_strstr_len (string, 4096, ""); + + g_strrstr_len (string, 4096, "BUGS"); + g_strrstr_len (string, 4096, "B"); + g_strrstr_len (string, 4096, "."); + g_strrstr_len (string, 4096, ""); + + g_ascii_strdown (string, 4096); + g_ascii_strdown (string, 4096); + g_ascii_strup (string, 4096); + g_ascii_strup (string, 4096); + + g_ascii_strncasecmp (string, string, 4096); + + tmp = g_markup_escape_text (string, 4096); + g_free (tmp); + + /* test set 2: ensure that nothing reads even one byte past a '\0'. + */ + g_assert_cmpint (string[4095], ==, '\n'); + string[4095] = '\0'; + + tmp = g_strdup (string); + g_assert_cmpint (strlen (tmp), ==, 4095); + g_free (tmp); + + tmp = g_strndup (string, 10000); + g_assert_cmpint (strlen (tmp), ==, 4095); + g_free (tmp); + + g_stpcpy (buffer, string); + g_assert_cmpint (strlen (buffer), ==, 4095); + + g_strstr_len (string, 10000, "BUGS"); + g_strstr_len (string, 10000, "B"); + g_strstr_len (string, 10000, "."); + g_strstr_len (string, 10000, ""); + + g_strrstr (string, "BUGS"); + g_strrstr (string, "B"); + g_strrstr (string, "."); + g_strrstr (string, ""); + + g_strrstr_len (string, 10000, "BUGS"); + g_strrstr_len (string, 10000, "B"); + g_strrstr_len (string, 10000, "."); + g_strrstr_len (string, 10000, ""); + + g_str_has_prefix (string, "this won't do very much..."); + g_str_has_suffix (string, "but maybe this will..."); + g_str_has_suffix (string, "HMMMM."); + g_str_has_suffix (string, "MMMM."); + g_str_has_suffix (string, "M."); + + g_strlcpy (buffer, string, sizeof buffer); + g_assert_cmpint (strlen (buffer), ==, 4095); + g_strlcpy (buffer, string, sizeof buffer); + buffer[0] = '\0'; + g_strlcat (buffer, string, sizeof buffer); + g_assert_cmpint (strlen (buffer), ==, 4095); + + tmp = g_strdup_printf ("<%s>", string); + g_assert_cmpint (strlen (tmp), ==, 4095 + 2); + g_free (tmp); + + g_ascii_strdown (string, -1); + g_ascii_strdown (string, -1); + g_ascii_strup (string, -1); + g_ascii_strup (string, -1); + + g_ascii_strcasecmp (string, string); + g_ascii_strncasecmp (string, string, 10000); + + g_strreverse (string); + g_strreverse (string); + g_strchug (string); + g_strchomp (string); + g_strstrip (string); + g_assert_cmpint (strlen (string), ==, 4095); + + g_strdelimit (string, "M", 'N'); + g_strcanon (string, " N.", ':'); + g_assert_cmpint (strlen (string), ==, 4095); + + array = g_strsplit (string, ".", -1); + tmp = g_strjoinv (".", array); + g_strfreev (array); + + g_assert_cmpint (strlen (tmp), ==, 4095); + g_assert (memcmp (tmp, string, 4095) == 0); + g_free (tmp); + + tmp = g_strconcat (string, string, string, NULL); + g_assert_cmpint (strlen (tmp), ==, 4095 * 3); + g_free (tmp); + + tmp = g_strjoin ("!", string, string, NULL); + g_assert_cmpint (strlen (tmp), ==, 4095 + 1 + 4095); + g_free (tmp); + + tmp = g_markup_escape_text (string, -1); + g_free (tmp); + + tmp = g_markup_printf_escaped ("%s", string); + g_free (tmp); + + tmp = g_strescape (string, NULL); + tmp2 = g_strcompress (tmp); + g_assert_cmpstr (string, ==, tmp2); + g_free (tmp2); + g_free (tmp); + + g_mapped_file_free (file); +} + int main (int argc, char *argv[]) @@ -1076,6 +1230,7 @@ main (int argc, g_test_add_func ("/strfuncs/strv-length", test_strv_length); g_test_add_func ("/strfuncs/strtod", test_strtod); g_test_add_func ("/strfuncs/strtoull-strtoll", test_strtoll); + g_test_add_func ("/strfuncs/bounds-check", test_bounds); return g_test_run(); } -- 2.7.4