[hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
commit b9e1d4bbd4ce6a53560c1cc863b645a080cd Author: Laslo Hunhold AuthorDate: Thu Nov 24 13:29:31 2022 +0100 Commit: Laslo Hunhold CommitDate: Thu Nov 24 15:51:06 2022 +0100 Do not falsely read entire buffer instead of simply the filled with This was caught via dynamic analysis (clang asan), which I can definitely recommend. Rust evangelists might see this as a prime example for why C is bad, but I still think the benefits outweigh the risks if you consider the maturity of tooling to catch these kinds of errors. In an ideal world we would all be programming in Ada, but C's portability is unmatched. Signed-off-by: Laslo Hunhold diff --git a/test/bidirectional.c b/test/bidirectional.c index 8646afe..f7c6081 100644 --- a/test/bidirectional.c +++ b/test/bidirectional.c @@ -34,7 +34,7 @@ main(int argc, char *argv[]) bidirectional_test[i].cplen, bidirectional_test[i].mode[m], data, datalen); grapheme_bidirectional_get_line_embedding_levels( - data, datalen, lev); + data, ret, lev); if (ret != bidirectional_test[i].cplen || ret > datalen) {
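Review bot: The new call `grapheme_bidirectional_get_line_embedding_levels(data, ret, lev)` uses `ret` as a length before the `ret > datalen` check that follows it. If `ret` ever exceeds `datalen`, the call is asked to process more entries than the `datalen` passed as the buffer size to the preceding call, and the test only reports the mismatch afterwards. Moving the call below the `if (ret != bidirectional_test[i].cplen || ret > datalen)` block, or skipping it when that condition holds, keeps a failing test case from reading past `data`.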
[hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
commit d703f3c34e0efed083e68df5d3e111ccea750cbc Author: Laslo Hunhold AuthorDate: Thu Nov 24 13:29:31 2022 +0100 Commit: Laslo Hunhold CommitDate: Wed Nov 2 19:56:32 2022 +0100 Do not falsely read entire buffer instead of simply the filled with This was caught via dynamic analysis (clang asan), which I can definitely recommend. Rust evangelists might see this as a prime example for why C is bad, but I still think the benefits outweigh the risks if you consider the maturity of tooling to catch these kinds of errors. In an ideal world we would all be programming in Ada, but C's portability is unmatched. Signed-off-by: Laslo Hunhold diff --git a/test/bidirectional.c b/test/bidirectional.c index 8646afe..f7c6081 100644 --- a/test/bidirectional.c +++ b/test/bidirectional.c @@ -34,7 +34,7 @@ main(int argc, char *argv[]) bidirectional_test[i].cplen, bidirectional_test[i].mode[m], data, datalen); grapheme_bidirectional_get_line_embedding_levels( - data, datalen, lev); + data, ret, lev); if (ret != bidirectional_test[i].cplen || ret > datalen) {
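Review bot: Nothing in the hunk shows how `lev` is sized, and the call `data, ret, lev` now ties the number of levels written to `ret` rather than `datalen`. If `lev` is dimensioned to match `data`, this is only safe while `ret <= datalen`, which is checked after the call. A short assertion or an explicit `lev` length next to the call would make the bound visible to the next reader and to the sanitizer run.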
[hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
commit c10fbb9b0a7b564ba47314387cc8f5bc4f83db77 Author: Laslo Hunhold AuthorDate: Thu Nov 24 13:29:31 2022 +0100 Commit: Laslo Hunhold CommitDate: Thu Nov 24 15:51:06 2022 +0100 Do not falsely read entire buffer instead of simply the filled with This was caught via dynamic analysis (clang asan), which I can definitely recommend. Rust evangelists might see this as a prime example for why C is bad, but I still think the benefits outweigh the risks if you consider the maturity of tooling to catch these kinds of errors. In an ideal world we would all be programming in Ada, but C's portability is unmatched. Signed-off-by: Laslo Hunhold diff --git a/test/bidirectional.c b/test/bidirectional.c index 8646afe..f7c6081 100644 --- a/test/bidirectional.c +++ b/test/bidirectional.c @@ -34,7 +34,7 @@ main(int argc, char *argv[]) bidirectional_test[i].cplen, bidirectional_test[i].mode[m], data, datalen); grapheme_bidirectional_get_line_embedding_levels( - data, datalen, lev); + data, ret, lev); if (ret != bidirectional_test[i].cplen || ret > datalen) {
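Review bot: The changed line `data, ret, lev);` carries no hint as to why `ret` is the correct length and `datalen` is not, and the two look interchangeable at the call site. A one-line comment above the call stating that `datalen` is the capacity of `data` while `ret` is the number of entries filled would document the distinction this commit fixes and make a regression easier to spot in review.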
Re: [hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
On Thu, 24 Nov 2022 20:32:53 +0600 NRK wrote:

Dear NRK,

> Small nitpick: ASan (and the other sanitizers) are *dynamic*
> analyzers, as they happen during runtime.
>
> Static analysis is analyzing without executing anything. Examples of
> static analyzers would be clang-tidy or cppcheck. Newer GCC versions
> also have a `-fanalyzer` flag for statically analyzing C code, but in
> my experience it's not mature yet - but the direction looks promising.

yes, thanks, you are totally right, of course. :)

With best regards

Laslo
Re: [hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
> This was caught via static analysis (clang asan), which I can definitely
> recommend.

Small nitpick: ASan (and the other sanitizers) are *dynamic* analyzers, as they happen during runtime.

Static analysis is analyzing without executing anything. Examples of static analyzers would be clang-tidy or cppcheck. Newer GCC versions also have a `-fanalyzer` flag for statically analyzing C code, but in my experience it's not mature yet - but the direction looks promising.

- NRK
[hackers] [libgrapheme] Do not falsely read entire buffer instead of simply the filled with || Laslo Hunhold
commit 4a46373ab48ea1692bbee2910295717aa416c323 Author: Laslo Hunhold AuthorDate: Thu Nov 24 13:29:31 2022 +0100 Commit: Laslo Hunhold CommitDate: Thu Nov 24 15:00:03 2022 +0100 Do not falsely read entire buffer instead of simply the filled with This was caught via static analysis (clang asan), which I can definitely recommend. Rust evangelists might see this as a prime example for why C is bad, but I still think the benefits outweigh the risks if you consider the maturity of tooling to catch these kinds of errors. In an ideal world we would all be programming in Ada, but C's portability is unmatched. Signed-off-by: Laslo Hunhold diff --git a/test/bidirectional.c b/test/bidirectional.c index 8646afe..f7c6081 100644 --- a/test/bidirectional.c +++ b/test/bidirectional.c @@ -34,7 +34,7 @@ main(int argc, char *argv[]) bidirectional_test[i].cplen, bidirectional_test[i].mode[m], data, datalen); grapheme_bidirectional_get_line_embedding_levels( - data, datalen, lev); + data, ret, lev); if (ret != bidirectional_test[i].cplen || ret > datalen) {
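Review bot: In the new argument list `data, ret, lev`, the name `ret` says nothing about being a count, while the surrounding lines use `cplen` and `datalen` for lengths. Renaming it to something that reads as a length (or assigning it to a descriptively named local before the call) would make it clear at a glance that the second argument is the filled size and not a status code.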