New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Array index out of bounds in hex lookup #578
Array index out of bounds in hex lookup #578
Conversation
Would it be possible to trigger those 2 paths, to guard against regression? I should be able to track it back without big problems (not commonly used path), but might help if you happen to have stack traces. |
I can add the two inputs that caused problems, they are not reduced, but one is pretty small. Where would be the best place to add tests? I was calling in through Stack traces follow:
|
Thanks! Interesting -- I had a look at 2.10, and didn't think this path was problematic -- though there are couple via Test would be best triggered through |
Ah! I think this might be what #540 was about? But given that this is unlikely to be on critical performance path, I think maybe I really should add masking in helper method itself to reduce likelihood of any regression. I mean, while it may be extra work in some cases it really won't have any measurable impact. |
On Fri, Nov 8, 2019 at 9:53 AM Andriy Plokhotnyuk ***@***.***> wrote:
Why not just use sHexValues[ch & 0x7f] instead branching?
Yes, in the end that makes sense. Added notes to that effect. Was just
avoiding as unnecessary optimization :)
|
So, ended up changing implementation to be bit more robust; merged the test so should be all good. |
Fixing an index out of bounds if a negative number manages to get here. Found two paths that were able to trigger this by fuzzing.