diff options
| author | juj <jujjyl@gmail.com> | 2016-10-14 20:26:48 +0300 |
|---|---|---|
| committer | Derek Schuff <dschuff@chromium.org> | 2016-10-14 10:26:48 -0700 |
| commit | 87c3aab6500f2a3a3ca8cecfaf65cc14e407a0cd (patch) | |
| tree | cebef0f919f5b8d733206c7336f88879856cd8c2 /src | |
| parent | 392995b646d2f5f36bf3110eac149892ebda74df (diff) | |
| download | binaryen-87c3aab6500f2a3a3ca8cecfaf65cc14e407a0cd.tar.gz binaryen-87c3aab6500f2a3a3ca8cecfaf65cc14e407a0cd.tar.bz2 binaryen-87c3aab6500f2a3a3ca8cecfaf65cc14e407a0cd.zip | |
Fix crash when loading archive files, dereferencing iterator .end() is undefined behavior. (#769)
Diffstat (limited to 'src')
| -rw-r--r-- | src/support/archive.cpp | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/src/support/archive.cpp b/src/support/archive.cpp index b394294c6..b9ca827e4 100644 --- a/src/support/archive.cpp +++ b/src/support/archive.cpp @@ -129,15 +129,11 @@ std::string Archive::Child::getRawName() const { } Archive::Child Archive::Child::getNext(bool& error) const { - size_t toSkip = len; - // Members are aligned to even byte boundaries. - if (toSkip & 1) ++toSkip; - const uint8_t* nextLoc = data + toSkip; - if (nextLoc >= (uint8_t*)&*parent->data.end()) { // End of the archive. + uint32_t nextOffset = len + (len & 1); // Members are aligned to even byte boundaries. + if ((size_t)(data - (const uint8_t*)parent->data.data() + nextOffset) >= parent->data.size()) { // End of the archive. return Child(); } - - return Child(parent, nextLoc, &error); + return Child(parent, data + nextOffset, &error); } std::string Archive::Child::getName() const { |