Skip to content
Snippets Groups Projects
Select Git revision
  • dualcore
  • ch3/leds
  • wip-bootstrap default
  • ch3/time
  • master
5 results

extra_coverage.py.exp

  • Damien George's avatar
    ede8a023
    py/vstr: Raise a RuntimeError if fixed vstr buffer overflows. · ede8a023
    Damien George authored 
    Current users of fixed vstr buffers (building file paths) assume that there
is no overflow and do not check for overflow after building the vstr.  This
has the potential to lead to NULL pointer dereferences
(when vstr_null_terminated_str returns NULL because it can't allocate RAM
for the terminating byte) and stat'ing and loading invalid path names (due
to the path being truncated).  The safest and simplest thing to do in these
cases is just raise an exception if a write goes beyond the end of a fixed
vstr buffer, which is what this patch does.  It also simplifies the vstr
code.
    ede8a023
    History
    py/vstr: Raise a RuntimeError if fixed vstr buffer overflows.
    Damien George authored 
    Current users of fixed vstr buffers (building file paths) assume that there
is no overflow and do not check for overflow after building the vstr.  This
has the potential to lead to NULL pointer dereferences
(when vstr_null_terminated_str returns NULL because it can't allocate RAM
for the terminating byte) and stat'ing and loading invalid path names (due
to the path being truncated).  The safest and simplest thing to do in these
cases is just raise an exception if a write goes beyond the end of a fixed
vstr buffer, which is what this patch does.  It also simplifies the vstr
code.