File 0018-Avoid-heap-buffer-allocation-when-parsing-array-dict-string-data-node-sizes-14.patch of Package libplist
From e9895752a396c4acb8c2b4ba525c13329d4e9fab Mon Sep 17 00:00:00 2001
From: Nikias Bassen <nikias@gmx.li>
Date: Wed, 1 Feb 2017 18:50:00 +0100
Subject: [PATCH] bplist: Avoid heap buffer allocation when parsing array/dict/string/data node sizes > 14

The sizes where effectively parsed by calling parse_uint_node() which allocates a node_t (along with plist_data_t) that is immediately freed after retrieving the integer value it holds. This commit changes the code to directly operate on the binary stream to 'just' read the size instead, reducing the memory footprint further.
---
 src/bplist.c | 45 +++++++++++++++++++++++++--------------------
 1 file changed, 25 insertions(+), 20 deletions(-)

diff --git a/src/bplist.c b/src/bplist.c
index 64c9081..2e32f70 100644
--- a/src/bplist.c
+++ b/src/bplist.c
@@ -557,11 +557,12 @@ static plist_t parse_bin_node(struct bplist_data *bplist, const char** object)
 case BPLIST_DATA:
 if (BPLIST_FILL == size) {
- plist_t size_node = parse_bin_node(bplist, object);
- if (plist_get_node_type(size_node) != PLIST_UINT)
+ uint8_t next_size = **object & BPLIST_FILL;
+ if ((**object & BPLIST_MASK) != BPLIST_UINT)
 return NULL;
- plist_get_uint_val(size_node, &size);
- plist_free(size_node);
+ (*object)++;
+ size = UINT_TO_HOST(*object, (1 << next_size));
+ (*object) += (1 << next_size);
 }
 if (*object - bplist->data + size >= bplist->size)
@@ -570,11 +571,12 @@ static plist_t parse_bin_node(struct bplist_data *bplist, const char** object)
 case BPLIST_STRING:
 if (BPLIST_FILL == size) {
- plist_t size_node = parse_bin_node(bplist, object);
- if (plist_get_node_type(size_node) != PLIST_UINT)
+ uint8_t next_size = **object & BPLIST_FILL;
+ if ((**object & BPLIST_MASK) != BPLIST_UINT)
 return NULL;
- plist_get_uint_val(size_node, &size);
- plist_free(size_node);
+ (*object)++;
+ size = UINT_TO_HOST(*object, (1 << next_size));
+ (*object) += (1 << next_size);
 }
 if (*object - bplist->data + size >= bplist->size)
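Review bot: In the BPLIST_DATA case, `UINT_TO_HOST(*object, (1 << next_size))` reads the size integer straight from the input, and nothing visible in the hunk checks that the marker byte or the `1 << next_size` bytes after it still lie inside the `bplist->size` bytes at `bplist->data`, so a truncated or malformed plist can lead to a read past the end of the buffer. `next_size` is the low nibble of an untrusted byte, so the integer width is unvalidated as well (up to `1 << 15`); the removed path went through `parse_bin_node()`, which may have validated it, but that code is not visible here. After `(*object)++;` I would add `if (next_size > 3 || *object - bplist->data + (1 << next_size) > bplist->size) return NULL;`, assuming `UINT_TO_HOST` handles at most 8-byte integers (its definition is outside the hunk). The same six added lines appear in the BPLIST_STRING, BPLIST_UNICODE, BPLIST_SET/BPLIST_ARRAY and BPLIST_DICT hunks and need the same guard; the body of `parse_bin_node` begins and ends outside all of them.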
@@ -583,11 +585,12 @@ static plist_t parse_bin_node(struct bplist_data *bplist, const char** object)
 case BPLIST_UNICODE:
 if (BPLIST_FILL == size) {
- plist_t size_node = parse_bin_node(bplist, object);
- if (plist_get_node_type(size_node) != PLIST_UINT)
+ uint8_t next_size = **object & BPLIST_FILL;
+ if ((**object & BPLIST_MASK) != BPLIST_UINT)
 return NULL;
- plist_get_uint_val(size_node, &size);
- plist_free(size_node);
+ (*object)++;
+ size = UINT_TO_HOST(*object, (1 << next_size));
+ (*object) += (1 << next_size);
 }
 if (*object - bplist->data + size * 2 >= bplist->size)
@@ -597,11 +600,12 @@ static plist_t parse_bin_node(struct bplist_data *bplist, const char** object)
 case BPLIST_SET:
 case BPLIST_ARRAY:
 if (BPLIST_FILL == size) {
- plist_t size_node = parse_bin_node(bplist, object);
- if (plist_get_node_type(size_node) != PLIST_UINT)
+ uint8_t next_size = **object & BPLIST_FILL;
+ if ((**object & BPLIST_MASK) != BPLIST_UINT)
 return NULL;
- plist_get_uint_val(size_node, &size);
- plist_free(size_node);
+ (*object)++;
+ size = UINT_TO_HOST(*object, (1 << next_size));
+ (*object) += (1 << next_size);
 }
 if (*object - bplist->data + size >= bplist->size)
@@ -613,11 +617,12 @@ static plist_t parse_bin_node(struct bplist_data *bplist, const char** object)
 case BPLIST_DICT:
 if (BPLIST_FILL == size) {
- plist_t size_node = parse_bin_node(bplist, object);
- if (plist_get_node_type(size_node) != PLIST_UINT)
+ uint8_t next_size = **object & BPLIST_FILL;
+ if ((**object & BPLIST_MASK) != BPLIST_UINT)
 return NULL;
- plist_get_uint_val(size_node, &size);
- plist_free(size_node);
+ (*object)++;
+ size = UINT_TO_HOST(*object, (1 << next_size));
+ (*object) += (1 << next_size);
 }
 if (*object - bplist->data + size >= bplist->size)
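Review bot: The range check that closes the BPLIST_UNICODE hunk, `*object - bplist->data + size * 2 >= bplist->size`, does arithmetic on the untrusted `size` before comparing, and `size` appears to be a 64-bit unsigned value (the removed code passed `&size` to `plist_get_uint_val`), so `size * 2` or the sum can wrap and let an oversized length through. Comparing `size` with the bytes that remain avoids the wrap, for example `if (size >= (bplist->size - (uint64_t)(*object - bplist->data)) / 2) return NULL;`, which keeps the existing `>=` convention and presumes `*object` has already been checked to lie inside the buffer. The `+ size` checks that close the BPLIST_SET/BPLIST_ARRAY and BPLIST_DICT hunks, and the DATA and STRING hunks earlier in the patch, would benefit from the same form; the statement guarded by each `if` lies outside its hunk.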