Re: patch to fix access beyond allocated buffer in regex.c

Thu, 22 Nov 2007 23:03:52 -0800 

On Nov 23, 2007 12:14 AM, Dominique Pelle <[EMAIL PROTECTED]> wrote:

> Valgrind memory checker detects out of bounds memory access
> when using random characters in regular expressions.
[...snip...]
> I attach a patch which fixes it.  Perhaps there is a better way of
> fixing it.


Hmmm, re-thinking about it, perhaps it's simpler and better to just
make vim_regcomp(expr, re_flags) check whether input regex
string (expr) is a valid utf-8 string before compiling it, and if not,
display an error message to user (something like "Regular expression
is not a valid utf-8 string") and return NULL immediately, rather than
trying to work around invalid utf-8 patterns.  I can't think of any good
reason for searching with a pattern containing invalid utf-8 strings
anyway (when using utf8 encoding)

Something like this?

[EMAIL PROTECTED]:~/sb/vim7/src$ cvs diff -c regexp.c
Index: regexp.c
===================================================================
RCS file: /cvsroot/vim/vim7/src/regexp.c,v
retrieving revision 1.44
diff -c -r1.44 regexp.c
*** regexp.c    11 Aug 2007 11:58:14 -0000      1.44
--- regexp.c    23 Nov 2007 06:57:37 -0000
***************
*** 1008,1013 ****
--- 1008,1018 ----
      if (expr == NULL)
        EMSG_RET_NULL(_(e_null));

+ #ifdef FEAT_MBYTE
+     if (enc_utf8 && !utf_valid_string(expr, NULL))
+       EMSG_RET_NULL(_("Regular expression is an invalid utf-8 string"));
+ #endif
+
      init_class_tab();

      /*


[EMAIL PROTECTED]:~/sb/vim7/src$ cvs diff -c mbyte.c
Index: mbyte.c
===================================================================
RCS file: /cvsroot/vim/vim7/src/mbyte.c,v
retrieving revision 1.59
diff -c -r1.59 mbyte.c
*** mbyte.c     30 Aug 2007 11:52:38 -0000      1.59
--- mbyte.c     23 Nov 2007 06:57:56 -0000
***************
*** 2690,2696 ****
      convert_setup(&vimconv, NULL, NULL);
  }

! #if defined(HAVE_GTK2) || defined(PROTO)
  /*
   * Return TRUE if string "s" is a valid utf-8 string.
   * When "end" is NULL stop at the first NUL.
--- 2690,2696 ----
      convert_setup(&vimconv, NULL, NULL);
  }

! #if defined(HAVE_GTK2) || defined(PROTO) || defined(FEAT_MBYTE)
  /*
   * Return TRUE if string "s" is a valid utf-8 string.
   * When "end" is NULL stop at the first NUL.


-- Dominique

--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---

Raspunde prin e-mail lui