From: Safin Timur via Tarantool-patches <tarantool-patches@dev.tarantool.org> To: imeevma@tarantool.org Cc: tarantool-patches@dev.tarantool.org Subject: Re: [Tarantool-patches] [PATCH v1 1/1] sql: fix a segfault in hex() on receiving zeroblob Date: Fri, 3 Sep 2021 22:20:01 +0300 [thread overview] Message-ID: <5b9c9dbb-1de6-ac7c-b432-4e878873e83d@tarantool.org> (raw) In-Reply-To: <3fddf927be4ef819b63e172f29af58ac352da640.1630304393.git.imeevma@gmail.com> This version is much simpler and is quite readable as is. LGTM. Though few unimportant notes... On 30.08.2021 9:20, imeevma@tarantool.org wrote: > This patch fixes a segmentation fault when zeroblob is received by the > SQL built-in HEX() function. > > Closes #6113 > --- > https://github.com/tarantool/tarantool/issues/6113 > https://github.com/tarantool/tarantool/tree/imeevma/gh-6113-fix-hex-segfault-2.8 > > diff --git a/src/box/sql/func.c b/src/box/sql/func.c > index b137c6125..3ef31705e 100644 > --- a/src/box/sql/func.c > +++ b/src/box/sql/func.c > @@ -1221,15 +1221,21 @@ hexFunc(sql_context * context, int argc, sql_value ** argv) > UNUSED_PARAMETER(argc); > pBlob = mem_as_bin(argv[0]); > n = mem_len_unsafe(argv[0]); > + assert((argv[0]->flags & MEM_Zero) == 0 || > + argv[0]->type == MEM_TYPE_BIN); I believe this is unncessary, as those exactly checks were already done inside of mem_len() > + int zero_len = (argv[0]->flags & MEM_Zero) == 0 ? 0 : argv[0]->u.nZero; > assert(pBlob == mem_as_bin(argv[0])); /* No encoding change */ > z = zHex = contextMalloc(context, ((i64) n) * 2 + 1); Worth to note that here contextMalloc() used to check passed length against SQL_LIMIT_LENGTH, in the newer code this check disappeared. > if (zHex) { > - for (i = 0; i < n; i++, pBlob++) { > + for (i = 0; i < n - zero_len; i++, pBlob++) { > unsigned char c = *pBlob; > *(z++) = hexdigits[(c >> 4) & 0xf]; > *(z++) = hexdigits[c & 0xf]; > } > - *z = 0; > + assert(i == n || (argv[0]->flags & MEM_Zero) != 0); > + assert(n == zero_len + i); > + memset(z, '0', 2 * zero_len); > + z[2 * zero_len] = '\0'; > sql_result_text(context, zHex, n * 2, sql_free); > } > } Regards, Timur
next prev parent reply other threads:[~2021-09-03 19:20 UTC|newest] Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-08-30 6:20 Mergen Imeev via Tarantool-patches 2021-09-03 19:20 ` Safin Timur via Tarantool-patches [this message] -- strict thread matches above, loose matches on Subject: below -- 2021-10-05 12:49 Mergen Imeev via Tarantool-patches 2021-08-30 6:30 Mergen Imeev via Tarantool-patches 2021-08-31 19:32 ` Timur Safin via Tarantool-patches 2021-09-01 8:44 ` Mergen Imeev via Tarantool-patches 2021-09-03 19:19 ` Safin Timur via Tarantool-patches 2021-09-06 9:45 ` Mergen Imeev via Tarantool-patches 2021-09-06 20:32 ` Safin Timur via Tarantool-patches 2021-09-07 9:16 ` Mergen Imeev via Tarantool-patches 2021-08-26 11:11 Mergen Imeev via Tarantool-patches 2021-08-26 20:42 ` Vladislav Shpilevoy via Tarantool-patches 2021-08-27 8:26 ` Mergen Imeev via Tarantool-patches 2021-08-27 21:31 ` Vladislav Shpilevoy via Tarantool-patches 2021-08-26 11:10 Mergen Imeev via Tarantool-patches 2021-08-26 20:31 ` Vladislav Shpilevoy via Tarantool-patches 2021-08-27 7:54 ` Mergen Imeev via Tarantool-patches 2021-08-27 21:52 ` Vladislav Shpilevoy via Tarantool-patches
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=5b9c9dbb-1de6-ac7c-b432-4e878873e83d@tarantool.org \ --to=tarantool-patches@dev.tarantool.org \ --cc=imeevma@tarantool.org \ --cc=tsafin@tarantool.org \ --subject='Re: [Tarantool-patches] [PATCH v1 1/1] sql: fix a segfault in hex() on receiving zeroblob' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox