From 0925ae79a1b49ee3d63e542dd74acdb0c580c6c9 Mon Sep 17 00:00:00 2001 From: Yorhel Date: Wed, 19 Mar 2025 17:33:10 +0100 Subject: [PATCH] XS: Ensure created Perl strings are nul-terminated Most of these are binary strings and shouldn't be interpreted as C strings in the first place, but better be safe in case they are, anyway. The lack of nul-termination of FU::Pg `$hex` strings was more likely to be problematic. --- c/compress.c | 3 +++ c/fdpass.c | 1 + c/pgtypes.c | 1 + 3 files changed, 5 insertions(+) diff --git a/c/compress.c b/c/compress.c index 20a59be..da986a3 100644 --- a/c/compress.c +++ b/c/compress.c @@ -87,6 +87,7 @@ static SV *fugz_compress_ld(pTHX_ int level, const char *bytes, size_t inlen) { size_t len = libdeflate_gzip_compress(fugz_ld_ctx, bytes, inlen, SvPVX(out), outlen); if (!len) fu_confess("Libdeflate compression failed"); /* Shouldn't happen */ SvCUR_set(out, len); + SvPVX(out)[len] = 0; return out; } @@ -110,6 +111,7 @@ static SV *fugz_compress_zlib(pTHX_ int level, const char *bytes, size_t inlen) if ((r = deflate(&stream, 4)) != 1) fu_confess("Zlib compression failed (%d)", r); SvCUR_set(out, stream.total_out); + SvPVX(out)[stream.total_out] = 0; deflateEnd(&stream); return out; } @@ -157,5 +159,6 @@ static SV *fubr_compress(pTHX_ IV level, SV *in) { if (!BrotliEncoderCompress(level, 22, BROTLI_MODE_GENERIC, inlen, bytes, &outlen, SvPVX(out))) fu_confess("Brotli compression failed"); SvCUR_set(out, outlen); + SvPVX(out)[outlen] = 0; return out; } diff --git a/c/fdpass.c b/c/fdpass.c index 74a1229..ae4b141 100644 --- a/c/fdpass.c +++ b/c/fdpass.c @@ -71,6 +71,7 @@ static int fufdpass_recv(pTHX_ I32 ax, int socket, size_t len) { } SvCUR_set(buf, r); + SvPVX(buf)[r] = 0; ST(1) = buf; return 2; } diff --git a/c/pgtypes.c b/c/pgtypes.c index 6fb8835..b307cc0 100644 --- a/c/pgtypes.c +++ b/c/pgtypes.c 
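Review bot: Each added terminator write lands one byte past the length just passed to SvCUR_set, so it is in bounds only if the SV was allocated with room for that extra byte, and none of the allocations are visible in these hunks. In fugz_compress_ld, `SvPVX(out)[len] = 0;` is safe if `out` came from `newSV(outlen)`, which reserves a trailing NUL byte, but not necessarily if the buffer was sized with `SvGROW(sv, n)` to exactly the maximum output size. The same question applies to the fugz_compress_zlib, fubr_compress and fufdpass_recv hunks and to RECVFN(hex) in c/pgtypes.c. For fufdpass_recv the worst case is `r == len`, so the buffer should be requested as `len + 1` if it is not already. As a style point, writing `*SvEND(out) = '\0';` after the SvCUR_set call ties the index to the length that was just set instead of repeating the expression.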
@@ -166,6 +166,7 @@ RECVFN(hex) {
 *out++ = PL_hexdigit[(in[i] >> 4) & 0x0f];
 *out++ = PL_hexdigit[in[i] & 0x0f];
 }
+ *out = 0;
 SvCUR_set(r, len * 2);
 return r;
 }