Date: Wed, 13 Mar 2019 11:45:21 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: RE: [PATCH] Update dn_skipname to work with utf-8 names On Thu, Mar 07, 2019 at 09:34:58PM +0000, Ryan Fairfax wrote: > > This is unsafe on untrusted input, in that p += *p + 1 may have > > undefined behavior. It should be possible to make it safe by comparing > > against end-p before doing it, and returning -1 in that case. > > > > At some level this is a "theoretical" bug, since the amount of the > > increment is bounded by 256, and any valid pointer is bounded away > > from the end of address space (the obvious point where the comparison > > p<end would go wrong) by at least 4096. However allowing UB like that > > means that it's no longer safe to build the file with hardened tooling > > that traps on UB, which is why it should be fixed. > > > > Rich > > Excellent point. A corrected patch that checks that the length we're > skipping is less than (end-p) is attached. Thanks. Merging with a minor change for style consistency and edits to the description since this is not encoding-specific but just pertains to any 8-bit values in labels. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.