Yep, and I appreciate the report and the stack trace. Your example crashes on a strcpy, which fails because there is no terminating null in the random data. I changed that to a strncpy, to prevent the problem, but the issue still persists because the size I am passing as the 'n' in strncpy is also pulled from the random data, so it doesn't really help much. I will try to add a simple check to be sure size < block end - src address, which should keep us from reading past the data buffer end. I'll commit something to make things a bit better. I do appreciate the report.
Troy On 2/28/21 1:09 PM, Bastian Germann wrote: > Am 28.02.21 um 17:32 schrieb Troy A. Griffitts: >> The problem would be the same if ZIP was the default and you gave the >> ZIP compression driver LZSS data files. > > I tried several combinations of wrong input for the other compression > types after finding the bug and it turned out the others error, which > is the right way to deal with unexpected input. > >> In summary, if you specify the wrong driver for the data files of >> your module, you will get undefined behaviour. > > That is fine and reasonable. In my opinion any segfault is a bug. It > is not very likely to happen for end users but during module > developing you are not too unlikely to hit it. I reported it because I > experienced that bug for the 2nd time actually. > _______________________________________________ > sword-devel mailing list: sword-devel@crosswire.org > http://crosswire.org/mailman/listinfo/sword-devel > Instructions to unsubscribe/change your settings at above page _______________________________________________ sword-devel mailing list: sword-devel@crosswire.org http://crosswire.org/mailman/listinfo/sword-devel Instructions to unsubscribe/change your settings at above page
