Re: [E-devel] [EGIT] [core/efl] master 01/02: address non nul terminated string due to strncpy

Sun, 17 Aug 2014 04:50:26 -0700 

On Sun, 17 Aug 2014 12:39:10 +0100 Tom Hacohen <[email protected]> said:

> Btw raster, it was my commit that introduced the strncpy (which I assumed
> would always have the null because of the same reasoning as you). I did it
> because coverity complained about the use of strcpy. I think it's safer to
> probably revert your patch, use my strncpy patch, and add an explicit
> utf8_escape[sizeof(utf8_escape) - 1] = '\0'; or something of that sort.

i already told coverity to ignore it as there is no winning. it doesnt know the
guarantee of <= 7 bytes including nul byte. the code is safe. coverity was just
not able to figure it out. :)

> On Wed, Aug 13, 2014 at 2:44 AM, Daniel Juyung Seo <[email protected]>
> wrote:
> 
> > This just broke all my elm apps.
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > 0xb7b01aea in _evas_bidi_unicode_to_fribidichar (dest=0x80435000 <Address
> > 0x80435000 out of bounds>,
> >     src=0x80434ff0 L"\x800\x800\x800́" <Address 0x80435000 out of bounds>)
> > at lib/evas/common/language/evas_bidi_utils.c:66
> > 66         while (*src) *dest++ = *src++;
> > (gdb) bt
> > #0  0xb7b01aea in _evas_bidi_unicode_to_fribidichar (dest=0x80435000
> > <Address 0x80435000 out of bounds>,
> >     src=0x80434ff0 L"\x800\x800\x800́" <Address 0x80435000 out of bounds>)
> > at lib/evas/common/language/evas_bidi_utils.c:66
> > #1  0xb7b01ea9 in evas_bidi_paragraph_props_get (
> >     eina_ustr=0x80422d20
> >
> > L"\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> >
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800
> >
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800
> >
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800
> >
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800 \x800\x800́\x800\x800\x800́"..., len=190, segment_idxs=0x0) at
> > lib/evas/common/language/evas_bidi_utils.c:251
> > #2  0xb7a4d388 in _evas_object_text_layout (eo_obj=0x8000f079,
> > o=0x802b0258,
> >     text=0x80422d20
> >
> > L"\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800 \x800́\x800\x800\x800́"...) at
> > lib/evas/canvas/evas_object_text.c:706
> > #3  0xb7a529ae in _evas_object_text_recalc (eo_obj=0x8000f079,
> >     text=0x80422d20
> >
> > L"\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800
> >
> > \x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800
> > \x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́\x800\x800\x800́
> > \x800\x800 \x800́\x800\x800\x800́"...) at
> > lib/evas/canvas/evas_object_text.c:2234
> > #4  0xb7a4e0bb in _evas_text_text_set (eo_obj=0x8000f079, o=0x802b0258,
> > _text=0xb792ab46 "") at lib/evas/canvas/evas_object_text.c:989
> > #5  0xb7a5417e in evas_obj_text_set (text=0xb792ab46 "") at
> > ../src/lib/evas/canvas/evas_text.eo.c:44
> > #6  0xb790c9ed in _edje_text_recalc_apply (ed=0x8029d9e0, ep=0x801f0c58,
> > params=0x801f0c64, chosen_desc=0x802c4680, calc_only=1 '\001')
> >     at lib/edje/edje_text.c:474
> > #7  0xb787853a in _edje_part_recalc_single_text (sc=1, ed=0x8029d9e0,
> > ep=0x801f0c58, desc=0x802c4680, chosen_desc=0x802c4680, params=0x801f0c64,
> >     minw=0xbfffe7a0, minh=0xbfffe7a4, maxw=0xbfffe7a8, maxh=0xbfffe7ac) at
> > lib/edje/edje_calc.c:1488
> > #8  0xb787a43b in _edje_part_recalc_single (ed=0x8029d9e0, ep=0x801f0c58,
> > desc=0x802c4680, chosen_desc=0x802c4680, center=0x0, light=0x0, persp=0x0,
> >     rel1_to_x=0x801f0a38, rel1_to_y=0x0, rel2_to_x=0x801efa48,
> > rel2_to_y=0x0, confine_to=0x0, threshold=0x0, params=0x801f0c64, set=0x0,
> > mmw=0, mmh=0, pos=0)
> >     at lib/edje/edje_calc.c:2394
> > #9  0xb787d617 in _edje_part_recalc (ed=0x8029d9e0, ep=0x801f0c58, flags=3,
> > state=0x0) at lib/edje/edje_calc.c:3390
> > #10 0xb787638e in _edje_recalc_do (ed=0x8029d9e0) at
> > lib/edje/edje_calc.c:690
> > #11 0xb79150b4 in _edje_object_size_min_restricted_calc (obj=0x8000b059,
> > ed=0x8029d9e0, minw=0xbfffebe4, minh=0xbfffebe8, restrictedw=5,
> > restrictedh=5)
> >     at lib/edje/edje_util.c:2991
> > #12 0xb790535c in edje_obj_size_min_restricted_calc (minw=0xbfffebe4,
> > minh=0xbfffebe8, restrictedw=5, restrictedh=5) at
> > lib/edje/edje_object.eo.c:472
> > #13 0xb790a744 in edje_object_size_min_restricted_calc (obj=0x8000b059,
> > minw=0xbfffebe4, minh=0xbfffebe8, restrictedw=5, restrictedh=5)
> >     at lib/edje/edje_object.eo.c:1462
> > #14 0xb7d442b6 in _elm_check_elm_layout_sizing_eval (obj=0x8000ae58,
> > _pd=0x8029d8a8) at elm_check.c:169
> > #15 0xb7e0d861 in elm_obj_layout_sizing_eval () at elm_layout.eo.c:66
> > #16 0xb7e07ac5 in _visuals_refresh (obj=0x8000ae58, sd=0x8029d888) at
> > elm_layout.c:287
> > #17 0xb7e07ea8 in _elm_layout_theme_internal (obj=0x8000ae58,
> > sd=0x8029d888) at elm_layout.c:350
> > #18 0xb7e07fea in _elm_layout_elm_widget_theme_apply (obj=0x8000ae58,
> > sd=0x8029d888) at elm_layout.c:370
> > #19 0xb7ec8b9a in elm_obj_widget_theme_apply () at elm_widget.eo.c:443
> > #20 0xb7d44482 in _elm_check_elm_widget_theme_apply (obj=0x8000ae58,
> > sd=0x8029d8a8) at elm_check.c:205
> > #21 0xb7ec8b9a in elm_obj_widget_theme_apply () at elm_widget.eo.c:443
> > #22 0xb7eb33e7 in elm_widget_theme (obj=0x8000ae58) at elm_widget.c:883
> > #23 0xb7eb9bda in _elm_widget_style_set (obj=0x8000ae58, sd=0x8029d7e0,
> > style=0x800b0cfa "toggle") at elm_widget.c:3428
> > #24 0xb7ec2a26 in elm_obj_widget_style_set (style=0x800b0cfa "toggle") at
> > elm_widget.eo.c:84
> > #25 0xb7ec9fc0 in elm_widget_style_set (obj=0x8000ae58, style=0x800b0cfa
> > "toggle") at elm_widget.eo.c:798
> > #26 0xb7e1ee13 in elm_object_style_set (obj=0x8000ae58, style=0x800b0cfa
> > "toggle") at elm_main.c:1255
> > #27 0x80014715 in my_win_main (autorun=0x0, test_win_only=0 '\000') at
> > test.c:466
> > #28 0x80017c97 in elm_main (argc=1, argv=0xbffff0b4) at test.c:921
> > #29 0x80017d49 in main (argc=1, argv=0xbffff0b4) at test.c:934
> >
> > Daniel Juyung Seo (SeoZ)
> >
> >
> > On Wed, Aug 13, 2014 at 9:15 AM, Carsten Haitzler <[email protected]>
> > wrote:
> >
> > > raster pushed a commit to branch master.
> > >
> > >
> > >
> > http://git.enlightenment.org/core/efl.git/commit/?id=d539152156e50e81e18c3eb226db8095f83bd7d1
> > >
> > > commit d539152156e50e81e18c3eb226db8095f83bd7d1
> > > Author: Carsten Haitzler (Rasterman) <[email protected]>
> > > Date:   Wed Aug 13 09:03:02 2014 +0900
> > >
> > >     address non nul terminated string due to strncpy
> > >
> > >     this addresses CID 1230994. as such  eina_unicode_unicode_to_utf8()
> > >     always returns a nul terminated string. so it's guaranteed. but yes -
> > >     if string is 7 bytes or longer it will not put a nul byte on the
> > >     destination. as such for a single unicode char this can never happen
> > >     as in utf8 it's 6 bytes. but since eina_unicode_unicode_to_utf8()
> > >     safely returns a nul terminated string at all times - we can just use
> > >     strcpy safely. no need for strncpy. also handle null return from
> > >     eina_unicode_unicode_to_utf8()
> > > ---
> > >  src/lib/evas/canvas/evas_object_textblock.c | 9 +++++++--
> > >  1 file changed, 7 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/src/lib/evas/canvas/evas_object_textblock.c
> > > b/src/lib/evas/canvas/evas_object_textblock.c
> > > index 930c94b..ae1466c 100644
> > > --- a/src/lib/evas/canvas/evas_object_textblock.c
> > > +++ b/src/lib/evas/canvas/evas_object_textblock.c
> > > @@ -6137,8 +6137,13 @@ _escaped_char_get(const char *s, const char
> > *s_end)
> > >            return NULL;
> > >
> > >          utf8_char = eina_unicode_unicode_to_utf8(uchar, NULL);
> > > -        strncpy(utf8_escape, utf8_char, sizeof(utf8_escape));
> > > -        free(utf8_char);
> > > +        // eina_unicode_unicode_to_utf8() always creates a string that
> > > +        // is nul terminated - guaranteed
> > > +        if (utf8_char)
> > > +          {
> > > +             strcpy(utf8_escape, utf8_char);
> > > +             free(utf8_char);
> > > +          }
> > >
> > >          return utf8_escape;
> > >       }
> > >
> > > --
> > >
> > >
> > >
> >
> > ------------------------------------------------------------------------------
> > _______________________________________________
> > enlightenment-devel mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
> >
> ------------------------------------------------------------------------------
> _______________________________________________
> enlightenment-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/enlightenment-devel


-- 
------------- Codito, ergo sum - "I code, therefore I am" --------------
The Rasterman (Carsten Haitzler)    [email protected]


------------------------------------------------------------------------------
_______________________________________________
enlightenment-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel

Reply via email to