]> Cypherpunks repositories - keks.git/commitdiff
projects / keks.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ba551e3)
Do not deal with very large strings
authorSergey Matveev <stargrave@stargrave.org>
Sun, 6 Oct 2024 09:19:28 +0000 (12:19 +0300)
committerSergey Matveev <stargrave@stargrave.org>
Sun, 6 Oct 2024 09:21:29 +0000 (12:21 +0300)
Currently code won't work with them because of the uint64 overflow.

cyac/dec.c patch | blob | history
cyac/dec.h patch | blob | history
gyac/dec.go patch | blob | history

diff --git a/cyac/dec.c b/cyac/dec.c
index 35d3960a1c74237db4b099193909ab59f6d4be5760f76d227b65be032ac69d53..d8030f8b5d32eafeab7e974ccd87bc8f3b69a12f0c73fd367b02475ed5e1bb8f 100644 (file)
--- a/cyac/dec.c
+++ b/cyac/dec.c
@@ -55,6 +55,9 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
                 ((l < (1 << 16)) && (ll > 2))) {
                 return YACErrLenNonMinimal;
             }
+            if (l > ((uint64_t)(1) << 60)) {
+                return YACErrLenTooBig;
+            }
         }
         atom->off += l;
         if (len < atom->off) {
@@ -65,12 +68,12 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
         if (atom->typ == YACItemStr) {
             size_t cpl = 0;
             uint32_t cp = YACUTF8InvalidCp;
-            for (ll = 0; ll < l;) {
-                cpl = YACUTF8CpDecode(&cp, atom->val.buf + ll, l - ll);
+            for (size_t n = 0; n < l;) {
+                cpl = YACUTF8CpDecode(&cp, atom->val.buf + n, l - n);
                 if (cp == YACUTF8InvalidCp) {
                     return YACErrBadUTF8;
                 }
-                ll += cpl;
+                n += cpl;
             }
         }
         return YACErrNo;
diff --git a/cyac/dec.h b/cyac/dec.h
index a2eef5d6d94ab08d6b661324d4017a4032aa1729dc18159c7ac7fd294570bfe2..f77b53a49fe73388875df08953ac06511c2155426b6be05b800e167f74567324 100644 (file)
--- a/cyac/dec.h
+++ b/cyac/dec.h
@@ -30,6 +30,7 @@ enum YACErr {
     YACErrNotEnough,      // not enough data (atom.off is how much)
     YACErrUnknownType,    // unknown atom's type
     YACErrLenNonMinimal,  // non-minimal string length coding
+    YACErrLenTooBig,      // string length >1<<60
     YACErrBadUTF8,        // invalid UTF-8 codepoint
     YACErrIntZeroByte,    // non-minimal integer coding
     YACErrIntNonMinimal,  // non-minimal integer coding
diff --git a/gyac/dec.go b/gyac/dec.go
index c4ecb3017021b980aafb791275cf705edd05923f7f1f4d19914fdd594e3dc2b1..075804ace25e08b731830744da566e0fd9478bc817f2c80df3e732553eb5297b 100644 (file)
--- a/gyac/dec.go
+++ b/gyac/dec.go
@@ -62,6 +62,7 @@ func (raw *Raw) String() string {
 var (
        ErrNotEnough      = errors.New("not enough data")
        ErrLenNonMinimal  = errors.New("non-minimal len")
+       ErrLenTooBig      = errors.New("string len >1<<60")
        ErrIntZeroByte    = errors.New("zero byte int")
        ErrUnknownType    = errors.New("unknown type")
        ErrBadUTF8        = errors.New("invalid UTF-8")
@@ -103,7 +104,12 @@ func AtomDecode(buf []byte) (item *Item, off int, err error) {
                                err = ErrNotEnough
                                return
                        }
-                       l = int(FromBE(buf[1 : 1+ll]))
+                       ul := FromBE(buf[1 : 1+ll])
+                       if ul > (1 << 60) {
+                               err = ErrLenTooBig
+                               return
+                       }
+                       l = int(ul)
                        if (l < 61) || ((l < (1 << 8)) && (ll > 1)) || ((l < (1 << 16)) && (ll > 2)) {
                                err = ErrLenNonMinimal
                                return
KEKS codec