fix(strbuf): resolve potential use-after-free and UB in ffStrbufSetNS#2265
Open
fam007e wants to merge 1 commit intofastfetch-cli:devfrom
Open
fix(strbuf): resolve potential use-after-free and UB in ffStrbufSetNS#2265fam007e wants to merge 1 commit intofastfetch-cli:devfrom
fam007e wants to merge 1 commit intofastfetch-cli:devfrom
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes a "Potential use after free" security alert flagged by CodeQL and addresses Undefined Behavior (UB) when setting a buffer to a substring of itself.
Related issue (required for new logos for new distros)
Fixes a CodeQL security alert (no public issue was found).
Changes
ffStrbufSetNSto allocate and copy into a new buffer before freeing the old one. This ensures that if the sourcevaluepoints into the current buffer, it remains valid during the copy even if reallocation is required.memcpywithmemmovein the non-reallocating path to safely handle cases wherevaluepoints to an overlapping memory region within the same buffer.Checklist
fastfetch-test-strbuf)