Prevent reading beyond end of mem mapped filegentoobrowse-api-0.9.3.1

4 files changed, 30 insertions, 7 deletions

diff --git a/gentoobrowse-api/service/utils/ebuildCacheParser.cpp b/gentoobrowse-api/service/utils/ebuildCacheParser.cpp
index c305578..f83d5f8 100644
--- a/gentoobrowse-api/service/utils/ebuildCacheParser.cpp
+++ b/gentoobrowse-api/service/utils/ebuildCacheParser.cpp
@@ -1,4 +1,5 @@
 #include "ebuildCacheParser.h"
+#include <string.h>
 
 namespace Gentoo {
 	namespace Utils {
@@ -6,15 +7,12 @@ namespace Gentoo {
 			AdHoc::FileUtils::MemMap(p)
 		{
 			const char * chardata = (const char *)this->data;
-			while (const char * eq = strchr(chardata, '=')) {
-				if (const char * nl = strchr(eq + 1, '\n')) {
+			auto len = this->getStat().st_size;
+			while (const char * eq = (const char *)memchr(chardata, '=', len - (chardata - (const char *)this->data))) {
+				if (const char * nl = (const char *)memchr(eq + 1, '\n', len - ((eq + 1) - (const char *)this->data))) {
 					kvs.insert({ std::string(chardata, eq), { eq + 1, nl } });
 					chardata = nl + 1;
 				}
-				else {
-					kvs.insert({ std::string(chardata, eq), { eq + 1, (const char *)this->data + st.st_size } });
-					return;
-				}
 			}
 		}
 
diff --git a/gentoobrowse-api/unittests/Jamfile.jam b/gentoobrowse-api/unittests/Jamfile.jam
index e6a7560..9225210 100644
--- a/gentoobrowse-api/unittests/Jamfile.jam
+++ b/gentoobrowse-api/unittests/Jamfile.jam
@@ -48,7 +48,7 @@ lib testCommon :
 	;
 
 run
-	testUtils.cpp ../service/utils/git.cpp
+	testUtils.cpp ../service/utils/git.cpp ../service/utils/ebuildCacheParser.cpp
 	: : :
 	<define>BOOST_TEST_DYN_LINK
 	<library>testCommon
diff --git a/gentoobrowse-api/unittests/fixtures/accerciser-3.22.0 b/gentoobrowse-api/unittests/fixtures/accerciser-3.22.0
new file mode 100644
index 0000000..65fd77f
--- /dev/null
+++ b/gentoobrowse-api/unittests/fixtures/accerciser-3.22.0
@@ -0,0 +1,14 @@
+DEFINED_PHASES=compile configure install postinst postrm preinst prepare
+DEPEND=>=app-accessibility/at-spi2-core-2.5.2:2 >=dev-python/pygobject-2.90.3:3[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] >=x11-libs/gtk+-3.1.13:3[introspection] dev-libs/atk[introspection] >=dev-libs/glib-2.28:2 dev-libs/gobject-introspection:= >=dev-python/ipython-0.11[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] >=dev-python/pyatspi-2.1.5[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] dev-python/pycairo[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] x11-libs/gdk-pixbuf[introspection] x11-libs/libwnck:3[introspection] x11-libs/pango[introspection] python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] app-text/yelp-tools >=dev-util/intltool-0.35 sys-devel/gettext virtual/pkgconfig >=app-portage/elt-patches-20170422 app-arch/xz-utils >=sys-apps/sed-4 dev-util/desktop-file-utils x11-misc/shared-mime-info
+DESCRIPTION=Interactive Python accessibility explorer
+EAPI=6
+HOMEPAGE=https://wiki.gnome.org/Apps/Accerciser
+IUSE=python_targets_python3_4 python_targets_python3_5 python_targets_python3_6
+KEYWORDS=amd64 x86
+LICENSE=BSD CC-BY-SA-3.0
+RDEPEND=>=app-accessibility/at-spi2-core-2.5.2:2 >=dev-python/pygobject-2.90.3:3[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] >=x11-libs/gtk+-3.1.13:3[introspection] dev-libs/atk[introspection] >=dev-libs/glib-2.28:2 dev-libs/gobject-introspection:= >=dev-python/ipython-0.11[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] >=dev-python/pyatspi-2.1.5[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] dev-python/pycairo[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)] x11-libs/gdk-pixbuf[introspection] x11-libs/libwnck:3[introspection] x11-libs/pango[introspection] python_targets_python3_4? ( dev-lang/python:3.4[xml] ) python_targets_python3_5? ( dev-lang/python:3.5[xml] ) python_targets_python3_6? ( dev-lang/python:3.6[xml] ) >=dev-lang/python-exec-2:=[python_targets_python3_4(-)?,python_targets_python3_5(-)?,python_targets_python3_6(-)?,-python_single_target_python3_4(-),-python_single_target_python3_5(-),-python_single_target_python3_6(-)]
+REQUIRED_USE=|| ( python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 )
+SLOT=0
+SRC_URI=mirror://gnome/sources/accerciser/3.22/accerciser-3.22.0.tar.xz
+_eclasses_=desktop	2ccd1dd1dd7bfb8795eea024a4f91bb6	epatch	8233751dc5105a6ae8fcd86ce2bb0247	estack	43ddf5aaffa7a8d0482df54d25a66a1f	eutils	b4eee44966573b7fb6761e507910b306	gnome.org	5e4cc5af3f1b17bdee155bf02e8c2df4	gnome2	6e4acb9c9da2cfa25f2dfedb93bb4a43	gnome2-utils	4d211d7614f303710fca59db6ec12c88	libtool	0081a71a261724730ec4c248494f044d	ltprune	2770eed66a9b8ef944714cd0e968182e	multibuild	72647e255187a1fadc81097b3657e5c3	multilib	97f470f374f2e94ccab04a2fb21d811e	preserve-libs	ef207dc62baddfddfd39a164d9797648	python-r1	e9350ec46bb5c9f3504b4fbe8b8d8987	python-utils-r1	c9de01becf9df3f8c10aeec3dc693f5d	toolchain-funcs	885c7d8dd70a58825f3d17e35a3cd1e9	versionator	ce21313503c41896ebcd7d58b0607e37	xdg	6cd76cc914c1a759dee032778487b57f	xdg-utils	f2c8335407f0b935b0a96d4adf23ef25
+_md5_=d824645ab9e59e46288f40f698baa5e7
diff --git a/gentoobrowse-api/unittests/testUtils.cpp b/gentoobrowse-api/unittests/testUtils.cpp
index 5109d48..de3dca0 100644
--- a/gentoobrowse-api/unittests/testUtils.cpp
+++ b/gentoobrowse-api/unittests/testUtils.cpp
@@ -4,6 +4,8 @@
 #include <utils/git.h>
 #include <libxml/parser.h>
 #include <maintenance.h>
+#include <utils/ebuildCacheParser.h>
+#include <definedDirs.h>
 
 using namespace Gentoo::Utils::Git;
 
@@ -27,3 +29,12 @@ BOOST_AUTO_TEST_CASE( gitErrorMessage )
 	git_libgit2_shutdown();
 }
 
+BOOST_AUTO_TEST_CASE( EbuildCacheParser )
+{
+	Gentoo::Utils::EbuildCacheParser ecp(rootDir / "fixtures" / "accerciser-3.22.0");
+	BOOST_REQUIRE(!ecp.get("missing"));
+	BOOST_REQUIRE_EQUAL("compile configure install postinst postrm preinst prepare", *ecp.get("DEFINED_PHASES"));
+	BOOST_REQUIRE_EQUAL("0", *ecp.get("SLOT"));
+	BOOST_REQUIRE_EQUAL("d824645ab9e59e46288f40f698baa5e7", *ecp.get("_md5_"));
+}
+