git.sur5r.net Git - i3/i3/commit

author	Michael Stapelberg <michael@stapelberg.de>
	Sun, 20 Aug 2017 10:54:49 +0000 (12:54 +0200)
committer	Michael Stapelberg <michael@stapelberg.de>
	Sun, 20 Aug 2017 10:54:49 +0000 (12:54 +0200)
commit	c25bee0ffca38a70d032712b973bd863de9157b2
tree	656682499e66fc1fb9f8108ede45fac18600e868	tree \| snapshot
parent	ad8bb416868b4c84c3ae261fd6a4115d31e089fc	commit \| diff

Bugfix: check bounds before accessing memory

This fixes the following issue when having an error early in the config file:

==1562==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6220000180ff at pc 0x55c837edb1d3 bp 0x7ffee7534650 sp 0x7ffee7534648
READ of size 1 at 0x6220000180ff thread T0
    #0 0x55c837edb1d2 in start_of_line ../../i3/src/config_parser.c:238
    #1 0x55c837edc96f in parse_config ../../i3/src/config_parser.c:493
    #2 0x55c837edf527 in parse_file ../../i3/src/config_parser.c:1091
    #3 0x55c837ecf14b in parse_configuration ../../i3/src/config.c:65
    #4 0x55c837ed1ef4 in load_configuration ../../i3/src/config.c:230
    #5 0x55c837f0a8d0 in main ../../i3/src/main.c:539
    #6 0x7fb63ae042b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
    #7 0x55c837e95eb9 in _start (/home/michael/i3/build/i3+0x4beb9)

0x6220000180ff is located 1 bytes to the left of 5165-byte region [0x622000018100,0x62200001952d)
allocated by thread T0 here:
    #0 0x7fb63e590cf8 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1cf8)
    #1 0x55c837f59aa6 in smalloc ../../i3/libi3/safewrappers.c:24
    #2 0x55c837edef45 in parse_file ../../i3/src/config_parser.c:1029
    #3 0x55c837ecf14b in parse_configuration ../../i3/src/config.c:65
    #4 0x55c837ed1ef4 in load_configuration ../../i3/src/config.c:230
    #5 0x55c837f0a8d0 in main ../../i3/src/main.c:539
    #6 0x7fb63ae042b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)