yaml / libyaml

Canonical source repository for LibYAML
http://pyyaml.org/wiki/LibYAML
MIT License

Fix heap buffer overflow in function yaml_emitter_emit_flow_sequence_… #259

Closed ziyangc97 closed 3 months ago

ziyangc97 commented 1 year ago

…item, related issue: https://github.com/yaml/libyaml/issues/258

ziyangc97 commented 1 year ago

In this PR, I am not sure what to do when the STACK_EMPTY check fails. Are we going to print an error log and return to end the process, or do we set indent to 0 and continue the process?

perlpunk commented 3 months ago

Do you know how the problem can be reproduced?

perlpunk commented 3 months ago

As mentioned in #258, I think this shouldn't even happen, and something is wrong already before. The state machine should not get into this position. So I think this wouldn't fix it.

perlpunk commented 3 months ago

I think #290 is a more general fix for this

perlpunk commented 3 months ago

Closing this as it would only be a partial fix (same problem in yaml_emitter_emit_flow_mapping_key), and actually this code shouldn't be called anyway as it only happens when calling yaml_emitter_close after a failing yaml_emitter_dump, see comments in https://github.com/yaml/libyaml/issues/258#issuecomment-2058613931
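The two options raised earlier in this thread for a failed STACK_EMPTY check (return an error, or set indent to 0 and continue), sketched on a simplified indent stack. This is an added example, not code from the PR or from LibYAML; `indent_stack`, `pop_indent_strict` and `pop_indent_lenient` are hypothetical names.

```c
#include <stdio.h>

/* Simplified stand-in for an emitter's indent stack (hypothetical type,
 * not LibYAML's own). */
typedef struct {
    int *start;  /* first slot of the buffer */
    int *top;    /* one past the last pushed value */
    int *end;    /* one past the end of the buffer */
} indent_stack;

typedef enum { POP_OK, POP_UNDERFLOW } pop_status;

static int stack_empty(const indent_stack *s) { return s->start == s->top; }

static int stack_push(indent_stack *s, int value) {
    if (s->top == s->end) return 0;  /* full: refuse rather than overrun */
    *s->top++ = value;
    return 1;
}

/* An unchecked pop is `indent = *(--s->top);`. On an empty stack that reads
 * the int located before s->start, i.e. outside the buffer. */

/* Option 1: report the underflow and leave *indent and the stack untouched,
 * so the caller can fail the emit call. */
static pop_status pop_indent_strict(indent_stack *s, int *indent) {
    if (stack_empty(s)) return POP_UNDERFLOW;
    *indent = *(--s->top);
    return POP_OK;
}

/* Option 2: fall back to indent 0 and let the caller continue; the status
 * still tells the caller that the state was inconsistent. */
static pop_status pop_indent_lenient(indent_stack *s, int *indent) {
    if (stack_empty(s)) { *indent = 0; return POP_UNDERFLOW; }
    *indent = *(--s->top);
    return POP_OK;
}

int main(void) {
    int buf[4];                       /* constructed sample state */
    indent_stack s = { buf, buf, buf + 4 };
    int indent = -1;
    stack_push(&s, 2);
    pop_indent_strict(&s, &indent);   /* balanced pop: indent becomes 2 */
    if (pop_indent_strict(&s, &indent) == POP_UNDERFLOW)
        printf("strict: underflow reported, indent stays %d\n", indent);
    pop_indent_lenient(&s, &indent);  /* extra pop: indent reset to 0 */
    printf("lenient: indent reset to %d\n", indent);
    return 0;
}
```

Either guard only stops the out-of-bounds read at this one pop site; it does not address how the stack came to be empty.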