Fix heap buffer overflow #852
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sbvoxel
force-pushed
the
oob
branch
2 times, most recently
from
fba187a
to
036d3dc
Compare
|
I force pushed some styling changes to hopefully make it match the existing codebase. I accidentally wrote the styling in my personal style :) Feel free to change further. |
sbvoxel
force-pushed
the
oob
branch
2 times, most recently
from
1a3319e
to
7537355
Compare
|
Looks the actions of GCC on linux got a compile warning. |
|
Pushed a missing cast for C compatibility. Edit: Aww to the wrong commit. One sec. |
Alanscut
reviewed
May 6, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #800
Note that I have a kernel bug which makes ASan fail when address layout randomization is enabled. On top of that, CMake's CHECK_C_COMPILER_FLAG for some reason returns false on my machine for the address sanitizer (among others). So it's a bit of a bother testing this, but I did do so. I just had to force the address sanitizer to be on and disable address layout randomization. Someone else can perhaps test the new test normally, with and without the fix.
I hope the style of test is fine. It's meant to catch the issue when the address sanitizer is enabled. It will simply pass, or at least likely to, if the sanitizer is off.
The first string in the test is the actual string which triggers the bug. The second doesn't, but protects against future bugs in the surrounding area. More strings can be added with ease.