cthrace/collabvm-1.2.ts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cvm-rs: Fix out of bound element length scanning

Browse Source 
Also, add a unit test just to make sure this doesn't happen again.
This commit is contained in:
modeco80
2025-03-06 16:46:09 -05:00
parent 751b0492f6
commit b015274e3b
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cvm-rs/src/guac.rs
View File

@@ -92,6 +92,12 @@ pub fn decode_instruction(element_string: &String) -> DecodeResult<Elements> {
// We bound this anyways and do quite the checks, so even though it's not great, // We bound this anyways and do quite the checks, so even though it's not great,
// it should be generally fine (TM). // it should be generally fine (TM).
loop { loop {
// Make sure scanning the element length does not try to
// go out of bounds.
if current_position >= chars.len() {
return Err(DecodeError::InvalidFormat);
}
let c = chars[current_position]; let c = chars[current_position];
if c >= '0' && c <= '9' { if c >= '0' && c <= '9' {
@@ -103,6 +109,7 @@ pub fn decode_instruction(element_string: &String) -> DecodeResult<Elements> {
return Err(DecodeError::InvalidFormat); return Err(DecodeError::InvalidFormat);
} }
current_position += 1; current_position += 1;
} }
@@ -189,4 +196,11 @@ mod tests {
assert!(res.is_ok()); assert!(res.is_ok());
assert_eq!(res.unwrap(), vec); assert_eq!(res.unwrap(), vec);
} }
#[test]
fn out_of_bounds_element_does_not_panic() {
let element_string = "0".into();
let res = decode_instruction(&element_string);
assert!(res.is_err());
}
} }