Skip to content

F
folly
Commit cfd29074 authored by Nick Terrell's avatar Nick Terrell Committed by Facebook GitHub Bot
Browse files
Options

Fix 1-byte heap overrun 

Summary: Fix 1-byte buffer overrun when parsing the string "\t".

Reviewed By: mhlakhani

Differential Revision: D22931605

fbshipit-source-id: a90d0a64b882ed8fef96285d47e11fa082178449
parent ef52bd9a
Show whitespace changes
Inline Side-by-side
Showing with 8 additions and 3 deletions
folly/Conv.cpp
View file @ cfd29074
......@@ -397,9 +397,9 @@ Expected<Tgt, ConversionCode> str_to_floating(StringPiece* src) noexcept {
auto* e = src->end();
auto* b =
std::find_if_not(src->begin(), e, [](char c) { return std::isspace(c); });
// There must be non-whitespace, otherwise we would have caught this above
assert(b < e);
if (b == e) {
return makeUnexpected(ConversionCode::EMPTY_INPUT_STRING);
}
auto size = size_t(e - b);
bool negative = false;
......
folly/test/ConvTest.cpp
View file @ cfd29074
......@@ -969,6 +969,7 @@ TEST(Conv, ConversionErrorStrToFloat) {
EXPECT_CONV_ERROR_STR_NOVAL(float, StringPiece(), EMPTY_INPUT_STRING);
EXPECT_CONV_ERROR_STR_NOVAL(float, "", EMPTY_INPUT_STRING);
EXPECT_CONV_ERROR_STR(float, " ", EMPTY_INPUT_STRING);
EXPECT_CONV_ERROR_STR(float, "\t", EMPTY_INPUT_STRING);
EXPECT_CONV_ERROR_STR(float, " junk", STRING_TO_FLOAT_ERROR);
EXPECT_CONV_ERROR(to<float>(" 1bla"), NON_WHITESPACE_AFTER_END, "bla");
}
......@@ -1213,6 +1214,10 @@ TEST(Conv, TryStringToDouble) {
auto rv2 = folly::tryTo<double>("3.14");
EXPECT_TRUE(rv2.hasValue());
EXPECT_NEAR(rv2.value(), 3.14, 1e-10);
// No trailing '\0' to expose 1-byte buffer over-read
char y = '\t';
auto rv4 = folly::tryTo<double>(folly::StringPiece(&y, 1));
EXPECT_FALSE(rv4.hasValue());
}
TEST(Conv, TryIntToInt) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment