upstream/mercurial-mirror Files · mercurial/cffi/mpatchbuild.py

dirs: fix out-of-bounds access in Py3...

dirs: fix out-of-bounds access in Py3 The hack for mutating Python's variable-length integers that was ported to py3 in (dirs: port PyInt code to work on Python 3, 2016-10-08) was reading from ob_digit[1] instead of ob_digit[0] for some reason. Space for ob_digit[1] would only be allocated for integers larger than 30 bits, so we ended up writing to unallocated memory. Also, we would write an integer that's 2^30 times too large, so we would never free these integers. Found by AddressSanitizer. Differential Revision: https://phab.mercurial-scm.org/D7597

Manuel Jacob - - Load All Authors

File last commit:

r44085:53607fd3 stable


                r44290:a47ccdcc

default

Download file

             mpatchbuild.py
        
                    40 lines
            
             | 1.0 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / mercurial / cffi / mpatchbuild.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      from __future__ import absolute_import

      import cffi

      import os

      ffi = cffi.FFI()

      mpatch_c = os.path.join(

          os.path.join(os.path.dirname(__file__), '..', 'mpatch.c')

      )

      with open(mpatch_c) as f:

          ffi.set_source(

              "mercurial.cffi._mpatch", f.read(), include_dirs=["mercurial"]

          )

      ffi.cdef(

          """

      struct mpatch_frag {

             int start, end, len;

             const char *data;

      };

      struct mpatch_flist {

             struct mpatch_frag *base, *head, *tail;

      };

      extern "Python" struct mpatch_flist* cffi_get_next_item(void*, ssize_t);

      int mpatch_decode(const char *bin, ssize_t len, struct mpatch_flist** res);

      ssize_t mpatch_calcsize(size_t len, struct mpatch_flist *l);

      void mpatch_lfree(struct mpatch_flist *a);

      static int mpatch_apply(char *buf, const char *orig, size_t len,

                              struct mpatch_flist *l);

      struct mpatch_flist *mpatch_fold(void *bins,

                             struct mpatch_flist* (*get_next_item)(void*, ssize_t),

                             ssize_t start, ssize_t end);

      """

      )

      if __name__ == '__main__':

          ffi.compile()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				from __future__ import absolute_import

				import cffi
				import os

				ffi = cffi.FFI()
				mpatch_c = os.path.join(
				os.path.join(os.path.dirname(__file__), '..', 'mpatch.c')
				)
				with open(mpatch_c) as f:
				ffi.set_source(
				"mercurial.cffi._mpatch", f.read(), include_dirs=["mercurial"]
				)
				ffi.cdef(
				"""

				struct mpatch_frag {
				int start, end, len;
				const char *data;
				};

				struct mpatch_flist {
				struct mpatch_frag base, head, *tail;
				};

				extern "Python" struct mpatch_flist* cffi_get_next_item(void*, ssize_t);

				int mpatch_decode(const char bin, ssize_t len, struct mpatch_flist* res);
				ssize_t mpatch_calcsize(size_t len, struct mpatch_flist *l);
				void mpatch_lfree(struct mpatch_flist *a);
				static int mpatch_apply(char buf, const char orig, size_t len,
				struct mpatch_flist *l);
				struct mpatch_flist mpatch_fold(void bins,
				struct mpatch_flist* (get_next_item)(void, ssize_t),
				ssize_t start, ssize_t end);
				"""
				)

				if __name__ == '__main__':
				ffi.compile()