Fix #1237, avoid calling memchr() with unknown size buffer #1238

Merged
merged 1 commit into from
Mar 25, 2022
16 changes: 15 additions & 1 deletion ut_assert/inc/utassert.h
Expand Up @@ -44,6 +44,18 @@
#include <stdio.h>
#include <math.h>

/**
* @brief Flag for use with UtAssert_STRINGBUF_EQ when the string is known to be NULL terminated
*
* The UtAssert_STRINGBUF_EQ is provided to facilitate checking fixed-length strings, which do not
* require NULL termination.
*
* If this macro is used to compare against a standard C string that is guaranteed to be NULL
* terminated, this constant may be passed to the UtAssert_STRINGBUF_EQ macro in place of the
* size parameter for that string.
*/
#define UTASSERT_STRINGBUF_NULL_TERM SIZE_MAX

/**
* Define various types of messages that can be generated by a test.
*
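Review bot: The doc comment for UTASSERT_STRINGBUF_NULL_TERM does not say what happens when the flag is passed for a buffer that is not actually terminated. Because the flag takes the place of the size bound, the comment should state that the caller is then solely responsible for termination, and that a fixed-length, possibly unterminated field must always be passed with its real size. Two smaller points: the terminator is the NUL character rather than NULL (a pointer), so "NUL terminated" would be more precise, and since the constant is defined as SIZE_MAX it is worth one sentence noting that a literal SIZE_MAX is treated identically.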
Expand Down Expand Up @@ -607,7 +619,9 @@ typedef struct
* includes the actual string in the log, but filters embedded newlines to keep the log clean.
*
* If the string arguments are guaranteed to be NULL terminated and/or the max size is
* not known, then the SIZE_MAX constant may be passed for the respective string.
* not known, then the UTASSERT_STRINGBUF_NULL_TERM constant may be passed as the size for
* that string. This mechanism allows this check to be used with normal, terminated C strings,
* as well as fixed-length, unterminated strings.
*
*/
#define UtAssert_STRINGBUF_EQ(str1, size1, str2, size2) \
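Review bot: The condition "guaranteed to be NULL terminated and/or the max size is not known" in the updated comment is too permissive. The "or" reads as permission to pass UTASSERT_STRINGBUF_NULL_TERM whenever the size is unknown, even if termination is not guaranteed, and the implementation in utassert.c now calls strlen() on that string with no bound. Suggest rewording so that guaranteed termination is the only condition for using the constant, with "size not known" given as a reason to use it rather than an alternative condition.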
14 changes: 14 additions & 0 deletions ut_assert/src/utassert.c
Expand Up @@ -473,6 +473,16 @@ bool UtAssert_StringBufCompare(const char *String1, size_t String1Max, const cha
{
EndPtr1 = NULL;
}
else if (String1Max == UTASSERT_STRINGBUF_NULL_TERM)
{
/*
* NOTE: it is technically undefined behavior to pass a size to memchr()
* that is larger than the actual buffer, even if it is known/guaranteed
* to find a match within the actual buffer. Therefore the regular strlen()
* is used instead.
*/
EndPtr1 = String1 + strlen(String1);
}
else
{
EndPtr1 = memchr(String1, 0, String1Max);
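Review bot: In the new String1Max == UTASSERT_STRINGBUF_NULL_TERM branch, strlen(String1) requires a non-NULL pointer, and the condition of the preceding branch that sets EndPtr1 = NULL is outside the visible context. Please confirm that branch is taken for String1 == NULL regardless of String1Max, so the strlen() path can never be reached with a NULL pointer. The NOTE explaining why memchr() is avoided is useful; consider adding one line to it saying that this path is unbounded and relies entirely on the caller's termination guarantee.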
Expand All @@ -491,6 +501,10 @@ bool UtAssert_StringBufCompare(const char *String1, size_t String1Max, const cha
{
EndPtr2 = NULL;
}
else if (String2Max == UTASSERT_STRINGBUF_NULL_TERM)
{
EndPtr2 = String2 + strlen(String2);
}
else
{
EndPtr2 = memchr(String2, 0, String2Max);
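Review bot: The String2Max == UTASSERT_STRINGBUF_NULL_TERM branch duplicates the String1 logic from the previous hunk, but without the NOTE that explains why strlen() is used instead of memchr(). Consider factoring the end-pointer lookup into a small static helper that takes the string and its max size, so the sentinel handling and its rationale live in one place and the two operands cannot drift apart in a later change. If the duplication stays, a short comment here pointing back to the String1 NOTE would help.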