Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
netlib_parseurl.c: Fix string overruns
For EINVAL, it doesn't make sense to keep parsing. (For E2BIG, it might make some sense.) Found by LLVM ASan. ``` ================================================================= ==81622==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000000f2 at pc 0x00010d2746ca bp 0x7ffee29a9980 sp 0x7ffee29a9978 READ of size 1 at 0x6020000000f2 thread T0 #0 0x10d2746c9 in netlib_parseurl netlib_parseurl.c:121 apache#1 0x10d26b293 in parseurl webclient.c:479 apache#2 0x10d265e48 in webclient_perform webclient.c:690 apache#3 0x10d277c5b in main main.c:210 apache#4 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4) 0x6020000000f2 is located 0 bytes to the right of 2-byte region [0x6020000000f0,0x6020000000f2) allocated by thread T0 here: #0 0x10d3996d3 in wrap_strdup+0x203 (libclang_rt.asan_osx_dynamic.dylib:x86_64+0x3e6d3) apache#1 0x10d276abe in main main.c:147 apache#2 0x7fff7a06f3d4 in start+0x0 (libdyld.dylib:x86_64+0x163d4) SUMMARY: AddressSanitizer: heap-buffer-overflow netlib_parseurl.c:121 in netlib_parseurl Shadow bytes around the buggy address: 0x1c03ffffffc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1c03ffffffd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1c03ffffffe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1c03fffffff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1c0400000000: fa fa fd fd fa fa fd fd fa fa 00 00 fa fa 00 00 =>0x1c0400000010: fa fa 00 fa fa fa 00 00 fa fa 00 06 fa fa[02]fa 0x1c0400000020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x1c0400000030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x1c0400000040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x1c0400000050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x1c0400000060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==81622==ABORTING ```
- Loading branch information