mirror of
https://github.com/red0124/ssp.git
synced 2025-01-23 04:55:20 +01:00
Fix buffer overflow on multiline restricted with unterminated quote and multiple empty lines (#41)
This commit is contained in:
parent
27bd60b5ce
commit
df2beab6c3
@ -269,6 +269,7 @@ private:
|
|||||||
|
|
||||||
void handle_error_multiline_limit_reached() {
|
void handle_error_multiline_limit_reached() {
|
||||||
constexpr static auto error_msg = "multiline limit reached";
|
constexpr static auto error_msg = "multiline limit reached";
|
||||||
|
splitter_.unterminated_quote_ = false;
|
||||||
|
|
||||||
if constexpr (string_error) {
|
if constexpr (string_error) {
|
||||||
error_.clear();
|
error_.clear();
|
||||||
|
@ -789,7 +789,8 @@ private:
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(next_line_buffer_,
|
||||||
next_line_size_)) {
|
next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_.handle_error_unterminated_escape();
|
next_line_converter_.handle_error_unterminated_escape();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -807,7 +808,8 @@ private:
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(next_line_buffer_,
|
||||||
next_line_size_)) {
|
next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_.handle_error_unterminated_quote();
|
next_line_converter_.handle_error_unterminated_quote();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -818,8 +820,9 @@ private:
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(
|
||||||
next_line_size_)) {
|
next_line_buffer_, next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_
|
next_line_converter_
|
||||||
.handle_error_unterminated_escape();
|
.handle_error_unterminated_escape();
|
||||||
return;
|
return;
|
||||||
@ -863,13 +866,14 @@ private:
|
|||||||
return next_line_converter_.unterminated_quote();
|
return next_line_converter_.unterminated_quote();
|
||||||
}
|
}
|
||||||
|
|
||||||
void undo_remove_eol(char* buffer, size_t& string_end) {
|
void undo_remove_eol(char* buffer, size_t& line_size,
|
||||||
if (crlf_) {
|
size_t buffer_size) {
|
||||||
std::copy_n("\r\n", 2, buffer + string_end);
|
if (crlf_ && buffer_size >= line_size + 2) {
|
||||||
string_end += 2;
|
std::copy_n("\r\n", 2, buffer + line_size);
|
||||||
} else {
|
line_size += 2;
|
||||||
std::copy_n("\n", 1, buffer + string_end);
|
} else if (buffer_size > line_size) {
|
||||||
string_end += 1;
|
std::copy_n("\n", 1, buffer + line_size);
|
||||||
|
line_size += 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -903,8 +907,9 @@ private:
|
|||||||
first_size += second_size;
|
first_size += second_size;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool append_next_line_to_buffer(char*& buffer, size_t& size) {
|
bool append_next_line_to_buffer(char*& buffer, size_t& line_size,
|
||||||
undo_remove_eol(buffer, size);
|
size_t buffer_size) {
|
||||||
|
undo_remove_eol(buffer, line_size, buffer_size);
|
||||||
|
|
||||||
chars_read_ = curr_char_;
|
chars_read_ = curr_char_;
|
||||||
auto [next_ssize, eof] =
|
auto [next_ssize, eof] =
|
||||||
@ -917,8 +922,8 @@ private:
|
|||||||
|
|
||||||
++line_number_;
|
++line_number_;
|
||||||
size_t next_size = remove_eol(helper_buffer_, next_ssize);
|
size_t next_size = remove_eol(helper_buffer_, next_ssize);
|
||||||
realloc_concat(buffer, size, next_line_buffer_size_, helper_buffer_,
|
realloc_concat(buffer, line_size, next_line_buffer_size_,
|
||||||
next_size);
|
helper_buffer_, next_size);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
36
ssp.hpp
36
ssp.hpp
@ -2021,6 +2021,7 @@ private:
|
|||||||
|
|
||||||
void handle_error_multiline_limit_reached() {
|
void handle_error_multiline_limit_reached() {
|
||||||
constexpr static auto error_msg = "multiline limit reached";
|
constexpr static auto error_msg = "multiline limit reached";
|
||||||
|
splitter_.unterminated_quote_ = false;
|
||||||
|
|
||||||
if constexpr (string_error) {
|
if constexpr (string_error) {
|
||||||
error_.clear();
|
error_.clear();
|
||||||
@ -3024,7 +3025,8 @@ private:
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(next_line_buffer_,
|
||||||
next_line_size_)) {
|
next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_.handle_error_unterminated_escape();
|
next_line_converter_.handle_error_unterminated_escape();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -3042,7 +3044,8 @@ private:
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(next_line_buffer_,
|
||||||
next_line_size_)) {
|
next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_.handle_error_unterminated_quote();
|
next_line_converter_.handle_error_unterminated_quote();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -3053,8 +3056,9 @@ private:
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!append_next_line_to_buffer(next_line_buffer_,
|
if (!append_next_line_to_buffer(
|
||||||
next_line_size_)) {
|
next_line_buffer_, next_line_size_,
|
||||||
|
next_line_buffer_size_)) {
|
||||||
next_line_converter_
|
next_line_converter_
|
||||||
.handle_error_unterminated_escape();
|
.handle_error_unterminated_escape();
|
||||||
return;
|
return;
|
||||||
@ -3098,13 +3102,14 @@ private:
|
|||||||
return next_line_converter_.unterminated_quote();
|
return next_line_converter_.unterminated_quote();
|
||||||
}
|
}
|
||||||
|
|
||||||
void undo_remove_eol(char* buffer, size_t& string_end) {
|
void undo_remove_eol(char* buffer, size_t& line_size,
|
||||||
if (crlf_) {
|
size_t buffer_size) {
|
||||||
std::copy_n("\r\n", 2, buffer + string_end);
|
if (crlf_ && buffer_size >= line_size + 2) {
|
||||||
string_end += 2;
|
std::copy_n("\r\n", 2, buffer + line_size);
|
||||||
} else {
|
line_size += 2;
|
||||||
std::copy_n("\n", 1, buffer + string_end);
|
} else if (buffer_size > line_size) {
|
||||||
string_end += 1;
|
std::copy_n("\n", 1, buffer + line_size);
|
||||||
|
line_size += 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3138,8 +3143,9 @@ private:
|
|||||||
first_size += second_size;
|
first_size += second_size;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool append_next_line_to_buffer(char*& buffer, size_t& size) {
|
bool append_next_line_to_buffer(char*& buffer, size_t& line_size,
|
||||||
undo_remove_eol(buffer, size);
|
size_t buffer_size) {
|
||||||
|
undo_remove_eol(buffer, line_size, buffer_size);
|
||||||
|
|
||||||
chars_read_ = curr_char_;
|
chars_read_ = curr_char_;
|
||||||
auto [next_ssize, eof] =
|
auto [next_ssize, eof] =
|
||||||
@ -3152,8 +3158,8 @@ private:
|
|||||||
|
|
||||||
++line_number_;
|
++line_number_;
|
||||||
size_t next_size = remove_eol(helper_buffer_, next_ssize);
|
size_t next_size = remove_eol(helper_buffer_, next_ssize);
|
||||||
realloc_concat(buffer, size, next_line_buffer_size_, helper_buffer_,
|
realloc_concat(buffer, line_size, next_line_buffer_size_,
|
||||||
next_size);
|
helper_buffer_, next_size);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -16,13 +16,14 @@ TEST_CASE_TEMPLATE("test multiline restricted", T, ParserOptionCombinations) {
|
|||||||
out << "5,6,just\\\n\\\nstrings" << std::endl;
|
out << "5,6,just\\\n\\\nstrings" << std::endl;
|
||||||
#endif
|
#endif
|
||||||
out << "7,8,ju\\\n\\\n\\\nnk" << std::endl;
|
out << "7,8,ju\\\n\\\n\\\nnk" << std::endl;
|
||||||
|
out << "99,100,\"\n\n\n\n" << std::endl;
|
||||||
out << "9,10,\"just\\\n\nstrings\"" << std::endl;
|
out << "9,10,\"just\\\n\nstrings\"" << std::endl;
|
||||||
out << "11,12,\"ju\\\n|\n\n\n\n\nk\"" << std::endl;
|
out << "11,12,\"ju\\\n|\n\n\n\n\nk\"" << std::endl;
|
||||||
out << "13,14,\"ju\\\n\\\n15,16\"\\\n\\\\\n\nnk\"" << std::endl;
|
out << "13,14,\"ju\\\n\\\n15,16\"\\\n\\\\\n\nnk\"" << std::endl;
|
||||||
out << "17,18,\"ju\\\n\\\n\\\n\\\\\n\nnk\"" << std::endl;
|
out << "17,18,\"ju\\\n\\\n\\\n\\\\\n\nnk\"" << std::endl;
|
||||||
out << "19,20,just strings" << std::endl;
|
out << "19,20,just strings" << std::endl;
|
||||||
}
|
}
|
||||||
auto bad_lines = 15;
|
auto bad_lines = 20;
|
||||||
auto num_errors = 0;
|
auto num_errors = 0;
|
||||||
|
|
||||||
auto [p, _] =
|
auto [p, _] =
|
||||||
|
Loading…
Reference in New Issue
Block a user