shaikat3 / open-vcdiff

Automatically exported from code.google.com/p/open-vcdiff
Apache License 2.0
0 stars 0 forks source link

encoder crashes with NULL source and 0 source length #40

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Attempt to encode with source NULL
    open_vcdiff::VCDiffEncoder enc(NULL, 0) 

You get a segfault. 

The problem is in BlockHash::AddAllBlocksThroughIndex
Specifically, these lines of code cause a problem:

  int last_legal_hash_index = static_cast<int>(source_size() - kBlockSize);
  if (end_limit > last_legal_hash_index) {
    end_limit = last_legal_hash_index + 1;
  }
  const char* block_ptr = source_data() + NextIndexToAdd();
  const char* const end_ptr = source_data() + end_limit;

At this point, block_ptr has the value 0, end_ptr has the bit pattern for -15.

But since these are pointers, and on linux these are unsigned objects, the next 
line

  while (block_ptr < end_ptr) {

executes which results in a null pointer reference. 

Note that if the source length == 0 but the source pointer is something > 16, 
everything is OK. The simplest fix is probably to just bail out early if the 
source data size is 0.

This is in version 0.8.3, on linux. 

Original issue reported on code.google.com by rashapir...@gmail.com on 17 Sep 2013 at 3:25

GoogleCodeExporter commented 9 years ago
Thanks much for reporting the problem!  Your proposed fix will be included in 
the next release of open-vcdiff.

Original comment by openvcd...@gmail.com on 18 Sep 2013 at 4:43

GoogleCodeExporter commented 9 years ago
Resolved in open-vcdiff version 0.8.4.

Original comment by openvcd...@gmail.com on 14 May 2014 at 11:21