Code::Blocks Forums

Developer forums (C::B DEVELOPMENT STRICTLY!) => Development => Topic started by: Smitty on May 20, 2021, 09:32:45 am

Title: Small patch for out of bounds warning.
Post by: Smitty on May 20, 2021, 09:32:45 am
Here is a little patch to correct a warning - a legitimate warning.
I looked at submitting a patch in the prescribed fashion, but frankly, the instructions were so complicated, that I decided I couldn't be bothered.
I think that should be addressed - it should be mutch easier for anyone to submit patches, or merge requests.

Code
src/scintilla/lexers/LexMMIXAL.cxx

Index: wxscintilla/src/scintilla/lexers/LexMMIXAL.cxx
===================================================================
--- wxscintilla/src/scintilla/lexers/LexMMIXAL.cxx (revision 12450)
+++ wxscintilla/src/scintilla/lexers/LexMMIXAL.cxx (working copy)
@@ -103,7 +103,7 @@
  char s[100];
  sc.GetCurrent(s, sizeof(s));
  if (*s == ':') { // ignore base prefix for match
-                                       for (size_t i = 0; i != sizeof(s); ++i) {
+                                       for (size_t i = 0; i != sizeof(s[0]); ++i) {
  *(s+i) = *(s+i+1);
                                        }
  }
Title: Re: Small patch for out of bounds warning.
Post by: sodev on May 20, 2021, 09:57:36 am
Not sure what the warning was, most probably about accessing an index out of bounds, but your patch does not fix the code, it actually breaks the code. The code fragment removes a leading colon from a string by shifting down the content by one, sizeof(s) == 100, sizeof(s[0]) == 1, after your patch the colon gets overwritten with the following character only. A proper fix would be to use sizeof(s) - 1 in the condition.
Title: Re: Small patch for out of bounds warning.
Post by: Miguel Gimenez on May 20, 2021, 10:18:14 am
Or use
Code
memmove(s, s+1, sizeof(s)-1)
Title: Re: Small patch for out of bounds warning.
Post by: omlk on May 20, 2021, 11:44:15 am
Or use
Code
memmove(s, s+1, sizeof(s)-1)

Code
 
s[100] = "123456789";
s[0] = '1'; ...; s[8] = '9'; s[last] = '\0';

char s[100]; //WCHAR s[100];
char s2[1000];
unsigned char_array_size_bytes = sizeof(s);
unsigned char char_size_bytes = sizeof(s[0]);
unsigned char_counts = char_array_size_bytes /char_size_bytes;
memmove(s2+5, s, strlen(s)+1)
Title: Re: Small patch for out of bounds warning.
Post by: Smitty on May 20, 2021, 12:04:46 pm
I had some problems with pasting my patch into this forum, and somehow I corrupted it - I apologize, I didn't notice.

Absolutely correct, that I have broken almost correct code.

Aside from the fact that there are better ways of doing this, it will cause a buffer over-run warning (on most standard compilers)

Granted, at compile time the sizeof(s) is computed correctly - since s is stack based - this is not an error.  But, warnings should not be allowed to persist.
Title: Re: Small patch for out of bounds warning.
Post by: oBFusCATed on May 20, 2021, 08:07:22 pm
I looked at submitting a patch in the prescribed fashion, but frankly, the instructions were so complicated, that I decided I couldn't be bothered.
Which instructions?
Title: Re: Small patch for out of bounds warning.
Post by: stahta01 on May 20, 2021, 08:58:06 pm
These directions are long; but, I see no reason to believe they are hard or too complex to follow.

https://wiki.codeblocks.org/index.php/Creating_a_patch_to_submit_(Patch_Tracker) (https://wiki.codeblocks.org/index.php/Creating_a_patch_to_submit_(Patch_Tracker))

But, who knows which directions the original poster (OP) used.

Tim S.
Title: Re: Small patch for out of bounds warning.
Post by: grem on March 09, 2024, 08:11:44 pm
Scintilla upstream fixed this issue ( https://sourceforge.net/p/scintilla/bugs/2019/ ) in commit: https://sourceforge.net/u/vic5/scintilla/ci/6d0ce3c92a1371372bd601cd572a078d5e4041a4/ on 2020-04-30.
Title: Re: Small patch for out of bounds warning.
Post by: grem on March 09, 2024, 08:50:38 pm
Attached file "Scintilla_fix_buffer_over-read_with_absolute_reference.patch" contains prepared patch that is taken from upstream fix.

I created patch-ticket: https://sourceforge.net/p/codeblocks/tickets/1463/
Title: Re: Small patch for out of bounds warning.
Post by: grem on March 14, 2024, 11:31:44 pm
Applied in https://sourceforge.net/p/codeblocks/code/13491/

Thanks to Miguel Gimenez.