[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190313154521.GE23599@brightrain.aerifal.cx>
Date: Wed, 13 Mar 2019 11:45:21 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: RE: [PATCH] Update dn_skipname to work with utf-8 names
On Thu, Mar 07, 2019 at 09:34:58PM +0000, Ryan Fairfax wrote:
> > This is unsafe on untrusted input, in that p += *p + 1 may have
> > undefined behavior. It should be possible to make it safe by comparing
> > against end-p before doing it, and returning -1 in that case.
> >
> > At some level this is a "theoretical" bug, since the amount of the
> > increment is bounded by 256, and any valid pointer is bounded away
> > from the end of address space (the obvious point where the comparison
> > p<end would go wrong) by at least 4096. However allowing UB like that
> > means that it's no longer safe to build the file with hardened tooling
> > that traps on UB, which is why it should be fixed.
> >
> > Rich
>
> Excellent point. A corrected patch that checks that the length we're
> skipping is less than (end-p) is attached.
Thanks. Merging with a minor change for style consistency and edits to
the description since this is not encoding-specific but just pertains
to any 8-bit values in labels.
Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
