[tracker/wip/carlosg/title-collator-invalid-reads: 2/2]	libtracker-data: Do not step on past string boundaries
- From: Carlos Garnacho <carlosg src gnome org>
- To: commits-list gnome org
- Cc: 
- Subject: [tracker/wip/carlosg/title-collator-invalid-reads: 2/2]	libtracker-data: Do not step on past string boundaries
- Date: Wed, 10 Jul 2019 11:07:54 +0000 (UTC)
commit b0c426eb7f66a6a7e322096bcd3bb976fca106e5
Author: Carlos Garnacho <carlosg gnome org>
Date:   Wed Jul 10 13:03:29 2019 +0200
    libtracker-data: Do not step on past string boundaries
    
    The skip_non_alphanumeric() function would trip on 0-len strings,
    reading at least one "character" past the actual string memory.
    Depending on the actual memory contents after the string, the
    collator might also be tricked into a negative string length,
    at which point chaos ensues.
    
    Check that we are between bounds upfront, so that this doesn't
    happen.
 src/libtracker-data/tracker-collation.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
---
diff --git a/src/libtracker-data/tracker-collation.c b/src/libtracker-data/tracker-collation.c
index 2470ed287..3fedbe326 100644
--- a/src/libtracker-data/tracker-collation.c
+++ b/src/libtracker-data/tracker-collation.c
@@ -249,14 +249,15 @@ skip_non_alphanumeric (const gchar **str,
        gboolean found = FALSE, is_alnum;
        gunichar unichar;
 
-       do {
+       while (remaining < end) {
                unichar = g_utf8_get_char (remaining);
                is_alnum = g_unichar_isalnum (unichar);
-               if (!is_alnum) {
-                       found = TRUE;
-                       remaining = g_utf8_next_char (remaining);
-               }
-       } while (!is_alnum && remaining < end);
+               if (is_alnum)
+                       break;
+
+               found = TRUE;
+               remaining = g_utf8_next_char (remaining);
+       }
 
        /* The string must not be left empty */
        if (remaining == end)
[
Date Prev][
Date Next]   [
Thread Prev][
Thread Next]   
[
Thread Index]
[
Date Index]
[
Author Index]