Comments (8)
glz::prettify_json and glz::minify_json were designed to be invoked on valid input. I should probably rename them to glz::prettify_json_unsafe and glz::minify_json_unsafe and then make safe versions for the future. But, I think it would be better for users to have just a single API.
I'll work on making these safe for untrusted inputs and renaming them to _unsafe if the performance impact is greater than 2X slower.
from glaze.
I've realized, revisiting the code, that I had intended to make it work with untrusted input and there were a lot of checks. I've addressed this issue in #1179.
Please continue to report safety issues for these functions as you find them. Thanks!
from glaze.
prettify works for this input now, but minify doesn't. So I think the fix is insufficient.
I get:
/home/pauldreik/code/delaktig/glaze/include/glaze/util/dump.hpp:135:37: runtime error: null pointer passed as argument 2, which is declared to never be null
This uses 92b8b86
from glaze.
Thanks, I added a unit test for this and will merge a fix in #1184.
from glaze.
Now, minify has an out of bounds read on "\" " at glaze/include/glaze/json/json_format.hpp, line 76 in c897e64:
==258627==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5030000001d3 at pc 0x5653e0275c16 bp 0x7ffd757fbef0 sp 0x7ffd757fb6b0
READ of size 8 at 0x5030000001d3 thread T0
#0 0x5653e0275c15 in __asan_memcpy (/home/pauldreik/code/delaktig/glaze/out/build/clang_18/fuzzing/fuzz_json_minify+0x10cc15) (BuildId: 29a68fb9c082e34e26be672cdb4ab16dd14ad737)
#1 0x5653e02cdae3 in std::basic_string_view<char, std::char_traits> glz::detail::read_json_string<glz::opts{10u, (unsigned char)0, (unsigned char)1, (unsigned char)1, (unsigned char)1, (unsigned char)0, (unsigned char)0, (char)32, (unsigned char)3, (unsigned char)1, (unsigned char)0, (unsigned char)1, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (glz::float_precision)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)0, (unsigned char)1, (unsigned char)0, (unsigned char)0, (unsigned char)1, (unsigned char)1, 32u}, char const*&, char const*&>(char const*&, char const*&) /home/pauldreik/code/delaktig/glaze/include/glaze/json/json_format.hpp:76:10
from glaze.
Oops, I missed setting a flag for padding. Will merge a fix in #1187.
from glaze.
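The ASan report above shows an 8-byte memcpy read inside read_json_string running past the end of a heap buffer, and the fix involved a padding flag. The following is an added illustration of that bug class, not glaze's code: a string scanner that takes the 8-byte path only when 8 real bytes remain, so it is safe on unpadded input. The names find_string_end and has_byte are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string_view>

// Hypothetical helper: true if any of the 8 bytes in `chunk` equals `b`
// (the classic "has zero byte" bit trick applied to chunk XOR b).
inline bool has_byte(std::uint64_t chunk, std::uint8_t b) {
    const std::uint64_t ones = 0x0101010101010101ULL;
    const std::uint64_t x = chunk ^ (ones * b);
    return ((x - ones) & ~x & 0x8080808080808080ULL) != 0;
}

// Offset of the closing quote of the JSON string opened at in[open],
// or npos if the input ends first. Never reads at or past in.size().
std::size_t find_string_end(std::string_view in, std::size_t open) {
    const std::size_t n = in.size();
    std::size_t i = open + 1;
    while (i < n) {
        // Wide path only when 8 real bytes remain. Dropping this check is
        // safe only if the caller guarantees padding after the buffer.
        if (n - i >= 8) {
            std::uint64_t chunk;
            std::memcpy(&chunk, in.data() + i, 8);
            if (!has_byte(chunk, '"') && !has_byte(chunk, '\\')) {
                i += 8;
                continue;
            }
        }
        // Byte-wise path: short tail, or a chunk holding a quote/backslash.
        if (in[i] == '"') return i;
        if (in[i] == '\\') {
            if (n - i < 2) return std::string_view::npos;  // truncated escape
            i += 2;
        } else {
            ++i;
        }
    }
    return std::string_view::npos;  // unterminated string
}
```

Building this with -fsanitize=address and feeding it short, unterminated strings from exactly sized heap buffers is the same kind of check the fuzzer in this thread performed.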
Both prettify and minify seem to be "fuzz clean" with the latest fix. Great!
from glaze.
Yay! Thanks so much for your help making these safe.
from glaze.