unofficial mirror of bug-guile@gnu.org 
 help / color / mirror / Atom feed
* bug#45595: recvfrom! optional start and end parameter invalid
@ 2021-01-01 11:34 d4ryus via Bug reports for GUILE, GNU's Ubiquitous Extension Language
  2021-11-03 18:29 ` lloda
  0 siblings, 1 reply; 2+ messages in thread
From: d4ryus via Bug reports for GUILE, GNU's Ubiquitous Extension Language @ 2021-01-01 11:34 UTC (permalink / raw)
  To: 45595

[-- Attachment #1: Type: text/plain, Size: 996 bytes --]

hi,

the parameter validation for the optional "start" and "end" arguments to
"recvfrom!" are off by one if "end" is passed. From libguile/socket.c
(master commit 64c89458e6):

  ...
  if (SCM_UNBNDP (end))
    cend = SCM_BYTEVECTOR_LENGTH (buf);
  else
    {
      cend = scm_to_size_t (end);
      if (SCM_UNLIKELY (cend >= SCM_BYTEVECTOR_LENGTH (buf)
                        || cend < offset))
        scm_out_of_range (FUNC_NAME, end);
    }
  ...

"end" is the optional end argument, "offset" is 0 or "start" if start
was given. The check must be:

  cend > SCM_BYTEVECTOR_LENGTH (buf) || cend <= offset

to allow filling the last byte in the buffer and verify that start is
not equal to end. A workaround to skip the validation is to not pass
end. But i think a better way would be to always validate start (and
end), if one (or both) of them are passed. A potentional fix is
attached.

If you need any additional information, please let me know.

Thank you for your great work!

-  d4ryus

[-- Attachment #2: recvfrom-fix.patch --]
[-- Type: text/plain, Size: 1027 bytes --]

diff --git a/libguile/socket.c b/libguile/socket.c
index 64354f1f1..d6e676744 100644
--- a/libguile/socket.c
+++ b/libguile/socket.c
@@ -1480,21 +1480,24 @@ SCM_DEFINE (scm_recvfrom, "recvfrom!", 2, 3, 0,
 
   SCM_VALIDATE_BYTEVECTOR (1, buf);
 
-  if (SCM_UNBNDP (start))
-    offset = 0;
-  else
-    offset = scm_to_size_t (start);
-
   if (SCM_UNBNDP (end))
     cend = SCM_BYTEVECTOR_LENGTH (buf);
   else
     {
       cend = scm_to_size_t (end);
-      if (SCM_UNLIKELY (cend >= SCM_BYTEVECTOR_LENGTH (buf)
-                        || cend < offset))
+      if (SCM_UNLIKELY (cend > SCM_BYTEVECTOR_LENGTH (buf)))
         scm_out_of_range (FUNC_NAME, end);
     }
 
+  if (SCM_UNBNDP (start))
+    offset = 0;
+  else
+    {
+      offset = scm_to_size_t (start);
+      if (SCM_UNLIKELY (cend <= offset))
+        scm_out_of_range (FUNC_NAME, start);
+    }
+
   SCM_SYSCALL (rv = recvfrom (fd,
                               SCM_BYTEVECTOR_CONTENTS (buf) + offset,
                               cend - offset, flg,
 

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* bug#45595: recvfrom! optional start and end parameter invalid
  2021-01-01 11:34 bug#45595: recvfrom! optional start and end parameter invalid d4ryus via Bug reports for GUILE, GNU's Ubiquitous Extension Language
@ 2021-11-03 18:29 ` lloda
  0 siblings, 0 replies; 2+ messages in thread
From: lloda @ 2021-11-03 18:29 UTC (permalink / raw)
  To: 45595-done


Hi,

Your patch didn't allow for start == end, which is valid as far as I can tell.

With that amended, applied in 1a8294f495cb202f8fcd0f260627c58e7a4c4d10. Thanks!







^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-11-03 18:29 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-01 11:34 bug#45595: recvfrom! optional start and end parameter invalid d4ryus via Bug reports for GUILE, GNU's Ubiquitous Extension Language
2021-11-03 18:29 ` lloda

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).