scintilla: buffer: fixed invalid read via strlen when loading a file #145
Merged
donho merged 1 commit into notepad-plus-plus:master from milipili:fix-invalid-read-via-strlen-when-loading Jun 1, 2015
When loading a file via `FileManager::loadFileData`, a fixed-length buffer is filled via `fread`. Then, in some cases, a conversion is done with the help of `Utf8_16_Read`. However, the method `Utf8_16_Read::convert` performs a call to `strlen` on this buffer. This is obviously wrong: `\0` char should be accepted (even if a bit strange) and the buffer is not zero-terminated. The changes merely consist in adding an additional parameter `length` to not have to guess the size of the buffer.
donho added a commit that referenced this pull request Jun 1, 2015
…n-loading [BUG_FIXED] buffer: fixed invalid read via strlen when loading a file
chcg added a commit to chcg/notepad-plus-plus that referenced this pull request Mar 13, 2023
Released 13 March 2023.
C++: Fix failure to recognize keywords containing upper case. Issue notepad-plus-plus#149.
GDScript: Support % and $ node paths. Issue notepad-plus-plus#145, Pull request notepad-plus-plus#146.
donho pushed a commit that referenced this pull request Mar 13, 2023
https://www.scintilla.org/scintilla534.zip Released 8 March 2023. Add multithreaded wrap to significantly improve performance of wrapping large files. More typesafe bindings of *Full APIs in ScintillaCall. Feature #1477. Fix overlapping of text with line end wrap marker. Bug #2378. Fix clipping of line end wrap symbol for SC_WRAPVISUALFLAGLOC_END_BY_TEXT. Where a multi-byte character contains multiple styles, display each byte as a representation. This makes it easier to see and fix lexers that change styles mid-character, commonly because they use fixed size buffers. Fix a potential crash with autocompletion list fill-ups where a SCN_CHARADDED handler retriggered an autocompletion list, but with no items that match the typed character.
lexilla523 Released 8 March 2023. Add scripts/PromoteNew.bat script to promote .new files after checking. Makefile: Remove 1024-byte line length limit. Ruby: Add new lexical classes for % literals SCE_RB_STRING_W (%w non-interpolable string array), SCE_RB_STRING_I (%i non-interpolable symbol array), SCE_RB_STRING_QI (%I interpolable symbol array), and SCE_RB_STRING_QS (%s symbol). Issue #124. Ruby: Disambiguate %= which may be a quote or modulo assignment. Issue #124, Bug #1255, Bug #2182. Ruby: Fix additional fold level for single character in SCE_RB_STRING_QW. Issue #132. Ruby: Set SCE_RB_HERE_QQ for unquoted and double-quoted heredocs and SCE_RB_HERE_QX for backticks-quoted heredocs. Issue #134. Ruby: Recognise #{} inside SCE_RB_HERE_QQ and SCE_RB_HERE_QX. Issue #134. Ruby: Improve regex and heredoc recognition. Issue #136. Ruby: Highlight #@, #@@ and #$ style interpolation. Issue #140. Ruby: Fix folding for multiple heredocs started on one line. Fix folding when there is a space after heredoc opening delimiter. Issue #135. YAML: Remove 1024-byte line length limit.
https://www.scintilla.org/lexilla524.zip Released 13 March 2023. C++: Fix failure to recognize keywords containing upper case. Issue #149.
GDScript: Support % and $ node paths. Issue #145, Pull request #146. Close #13338
The attached screenshot shows before and after the patch. The variable `length` actually shows the good value, whereas `lengthWithStrlen` shows the previously computed value.
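
The length mismatch described in the pull request, as an added C++ example that is not Notepad++ code: a reused fixed-size `fread` block measured with `strlen` versus the byte count `fread` returned. All names (`kBlock`, `guessedLength`, `convertWithLength`, `loadLastBlock`) and both inputs are constructed, and the extra sentinel byte exists only so the demo's `strlen` call stays inside the buffer.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>

constexpr std::size_t kBlock = 8;  // constructed block size, small for the demo

// "Before": the consumer guesses the size by scanning for a terminator.
std::size_t guessedLength(const char* buf) { return std::strlen(buf); }

// "After": the consumer is told how many bytes fread produced.
std::string convertWithLength(const char* buf, std::size_t length) {
    return std::string(buf, length);  // embedded '\0' bytes are kept
}

struct BlockReport { std::size_t real; std::size_t guessed; std::string data; };

// Loads `content` through one reused fixed-size block; reports on the last block.
BlockReport loadLastBlock(const std::string& content) {
    BlockReport r{0, 0, std::string()};
    std::FILE* f = std::tmpfile();
    if (!f) return r;
    if (std::fwrite(content.data(), 1, content.size(), f) != content.size()) {
        std::fclose(f);
        return r;
    }
    std::rewind(f);
    // Demo-only sentinel byte: it keeps guessedLength() in bounds here. Without
    // it, as in the PR's description, strlen would run past the buffer.
    char block[kBlock + 1];
    std::memset(block, 'X', kBlock);
    block[kBlock] = '\0';
    std::size_t n;
    while ((n = std::fread(block, 1, kBlock, f)) > 0) {
        r.real = n;                            // what fread reported
        r.guessed = guessedLength(block);      // what strlen would assume
        r.data = convertWithLength(block, n);  // length-aware path
    }
    std::fclose(f);
    return r;
}

int main() {
    BlockReport stale = loadLastBlock("ABCDEFGHIJ");              // short last block
    BlockReport utf16 = loadLastBlock(std::string("H\0i\0", 4));  // UTF-16LE "Hi"
    std::printf("stale: real=%zu guessed=%zu\n", stale.real, stale.guessed);
    std::printf("utf16: real=%zu guessed=%zu\n", utf16.real, utf16.guessed);
    return 0;
}
```

The first input over-counts because the short final block still holds bytes from the previous read; the second under-counts because UTF-16 text contains `\0` bytes.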