From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0.migadu.com ([2001:41d0:303:5f26::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id YODcKK9342W6XQAAbAwnHQ (envelope-from ) for ; Sat, 02 Mar 2024 20:02:07 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0.migadu.com with LMTPS id 2BchJq9342VtlwAAqHPOHw (envelope-from ) for ; Sat, 02 Mar 2024 20:02:07 +0100 X-Envelope-To: patches@johnnyrichard.com Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=lists.sr.ht header.s=20240113 header.b="gUPhDG9/"; dkim=pass header.d=johnnyrichard.com header.s=key1 header.b=4APEJI94; dmarc=pass (policy=quarantine) header.from=johnnyrichard.com; spf=pass (aspmx1.migadu.com: domain of lists@sr.ht designates 46.23.81.152 as permitted sender) smtp.mailfrom=lists@sr.ht ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=johnnyrichard.com; s=key1; t=1709406127; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:list-id: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=r4acypKQBxH3CJtvAGyMvUW4fp1WJNVnPkI846BrwhY=; b=jNnPWRS4+b09gP0q/UjsSFfWfRd91TWjuHR7Tc5nW1lWSkE7KEkn9LQAWLwp94NI4/sOaY zELLjulB4q3eGr2voA6VKCs2GVAF31jKUGzof7pFgOr/DGE0MK8978HXBt6ClsbszXrarM oZOzqOXWYWE18ch0JZmYq3X55JobXR/Qcti6SBfuQzl7saWgWVlAmhEI3/Z5dw5xLGL23F Gg5QxeL7jMeBjRAlvu9/R1HSwvJ9LnNGRrZglIU30886m3HNwxZgiCDS5BH6JXlFFpE59r sFJOiXx/aydmH/pMtfOtBEhsCZjdJbxh6+knQQGmFgxc/ztoew9ZR4qf/bawvA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=lists.sr.ht header.s=20240113 header.b="gUPhDG9/"; dkim=pass header.d=johnnyrichard.com header.s=key1 header.b=4APEJI94; dmarc=pass (policy=quarantine) header.from=johnnyrichard.com; spf=pass (aspmx1.migadu.com: domain of lists@sr.ht designates 46.23.81.152 as permitted sender) smtp.mailfrom=lists@sr.ht ARC-Seal: i=1; s=key1; d=johnnyrichard.com; t=1709406127; a=rsa-sha256; cv=none; b=jxEP4KB+gqcoS8D+UZMHJzFu2pa6gLiqQnwM7DeE+UgwhQbr3atAZ7ngxIw68tixj2Mv47 Zlr+lY4EnttN1BsksQmurMqYKMnaKSvPEy6BrwWG548/6b6JeVVnzSwSIFmSexKQQJs55e QVMtDJRiIr4U8xTVOlXl1yvdoTmexVtJxlzvpvWhpxakyo2OWeWrKu3knKdWLvOCn7HC26 Okzn5Q4Hu/aZmsGs1V+cTNd1jsrQDvV68jVnT+onH104MgNy5Hrr1Ne02DGhIk3xww4vGN PBE+coNrfQWryThj/RMeOZH/5HQKA5sx7QK5TZQiSnqbZy/sbtoWZ4YFjdc74A== Received: from mail-a.sr.ht (mail-a.sr.ht [46.23.81.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 7FD1A43597 for ; Sat, 2 Mar 2024 20:02:07 +0100 (CET) DKIM-Signature: a=rsa-sha256; bh=eHmAaxfg/VBplVzVcEF2pvxgqU1mqO9sajuSQDegjAc=; c=simple/simple; d=lists.sr.ht; h=From:To:Cc:Subject:Date:List-Unsubscribe:List-Subscribe:List-Archive:List-Post:List-ID; q=dns/txt; s=20240113; t=1709406127; v=1; b=gUPhDG9/p0Nsl9PsYnQx81ck3LI/lNDjDuFXpsu7loF+tG4JXda/Wo8UnXpUcHbXdI7V5ETq n+H+Wlhgj3htcWdSYDu5lfCMyfdV2SCQjqIgMyOvAXqmf45q/XB8vY4jbAaoAtSmJLf9dVPcCS3 KrkhE1ZflIfmK5mTXKQRsVKFlFddborhi92XUdWozeYq9Pv0DXpIGfxIpcgGmSWpi+/6bGpzRMD kbfabObpuRXgI7wcscQeI2xW0vK+J/1WTZhY7H6VEhzja+Ia4dtsKL53eweJS6gzOdVhMm52n9p S4++gWMVu4XFxz9MgXi0Xe4e9x2vXZMGwJmdM67+bzgwQ== Received: from lists.sr.ht (unknown [46.23.81.154]) by mail-a.sr.ht (Postfix) with ESMTPSA id 037072025A for ; Sat, 2 Mar 2024 19:02:07 +0000 (UTC) Received: from out-185.mta0.migadu.com (out-185.mta0.migadu.com [IPv6:2001:41d0:1004:224b::b9]) by mail-a.sr.ht (Postfix) with ESMTPS id 534502024E for <~johnnyrichard/olang-devel@lists.sr.ht>; Sat, 2 Mar 2024 19:02:06 +0000 (UTC) X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=johnnyrichard.com; s=key1; t=1709406125; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=r4acypKQBxH3CJtvAGyMvUW4fp1WJNVnPkI846BrwhY=; b=4APEJI94J43r/ImPGYnzEcKYbyJWkSTEGITmhPUX7sfgB3hESUkeoahdRxDON/mK8eDnoT wlMAieOUSTAP98O+rrnLud+p9ccG6sikOjgncdSlIhOfBQB2f+95G9RpzxJcEa4vCDGq/k lm5GTOubQUy60GCdPYZAHCyiIZHvkuY3+Dg5KdJOEkQGvFpnPOSYysmaWbitTx+lRRXiBY dhEDyzB5rFJ01ocrUHQpTuRXZdVcUEZ/1vKD8r1ZAhpbo3oRc4lT1ay4vHE0oYg6uosfs6 mI7nT/1Utob0esSOO68F8SHCN7NALpQjbA1Zbhop/FCxQAL+vGgJSKcsqygL3g== From: Johnny Richard To: ~johnnyrichard/olang-devel@lists.sr.ht Cc: Johnny Richard Subject: [PATCH olang] string_view: fix stack buffer overflow on to_u32 Date: Sat, 2 Mar 2024 21:01:56 +0100 Message-ID: <20240302200159.919303-1-johnny@johnnyrichard.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Sourcehut-Patchset-Status: PROPOSED List-Unsubscribe: List-Subscribe: List-Archive: Archived-At: List-Post: List-ID: ~johnnyrichard/olang-devel <~johnnyrichard/olang-devel.lists.sr.ht> Sender: ~johnnyrichard/olang-devel <~johnnyrichard/olang-devel@lists.sr.ht> X-Migadu-Flow: FLOW_IN X-Migadu-Country: NL X-Migadu-Spam-Score: -9.02 X-Spam-Score: -9.02 X-Migadu-Queue-Id: 7FD1A43597 X-Migadu-Scanner: mx13.migadu.com X-TUID: xKjUOn263bnr Signed-off-by: Johnny Richard --- src/string_view.c | 2 +- tests/unit/string_view_test.c | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/string_view.c b/src/string_view.c index 084f417..646dabd 100644 --- a/src/string_view.c +++ b/src/string_view.c @@ -40,7 +40,7 @@ uint32_t string_view_to_u32(string_view_t str) { char ret[str.size + 1]; - ret[str.size + 1] = 0; + ret[str.size] = 0; memcpy(ret, str.chars, str.size); return atoi(ret); } diff --git a/tests/unit/string_view_test.c b/tests/unit/string_view_test.c index 1d8627f..fe3dacb 100644 --- a/tests/unit/string_view_test.c +++ b/tests/unit/string_view_test.c @@ -48,6 +48,10 @@ string_view_to_u32_test(const MunitParameter params[], void *user_data_or_fixtur assert_uint32(string_view_to_u32(str), ==, 69); + str = (string_view_t) { .chars = "39;", .size = 2 }; + + assert_uint32(string_view_to_u32(str), ==, 39); + return MUNIT_OK; } -- 2.44.0