diff options
| author | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2021-06-04 01:17:38 +0200 |
|---|---|---|
| committer | Robin Haberkorn <robin.haberkorn@googlemail.com> | 2021-06-04 01:30:18 +0200 |
| commit | 5167dad198508e2dac10bf89c6b2991cfc791ee6 (patch) | |
| tree | 7dbab3e7047ce80e6651f238f95d241a6a460ad1 /src/search.c | |
| parent | ad392b343a59c6bd093a2bd352598f6e7747828e (diff) | |
| download | sciteco-5167dad198508e2dac10bf89c6b2991cfc791ee6.tar.gz | |
guard against too low arguments to <S> by checking whether the memory limit would be exceeded
* Checking whether the allocation succeeded may not prevent exceeding the memory
limit excessively.
* Even if the memory limit is not exceeded, the allocation can fail theoretically
and the program would terminate abnormally.
This however is true for all allocations in SciTECO (via glib).
* teco_memory_check() therefore now supports checking whether an allocation would
exceed the memory limit which will be useful before very large or variable allocations
in addition to the regular checking in teco_machine_main_step().
* As a sideeffect, this fixes the "Searching with large counts" test case on Mac OS
where too large allocations were not detected as expected (apparently Mac OS
happily gives out ridiculously large chunks of memory).
Now, all platforms are guaranteed to have the same behaviour.
Diffstat (limited to 'src/search.c')
| -rw-r--r-- | src/search.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/src/search.c b/src/search.c index e5e4bd8..4c324a6 100644 --- a/src/search.c +++ b/src/search.c @@ -28,6 +28,7 @@ #include "string-utils.h" #include "expressions.h" #include "interface.h" +#include "memory.h" #include "undo.h" #include "qreg.h" #include "ring.h" @@ -492,17 +493,18 @@ teco_do_search(GRegex *re, gint from, gint to, gint *count, GError **error) gint from, to; } teco_range_t; + gsize matched_size = sizeof(teco_range_t) * -*count; + /* - * NOTE: It's theoretically possible that this single allocation - * causes an OOM if (-count) is large enough and memory limiting won't help. - * That's why we exceptionally have to check for allocation success. + * NOTE: It's theoretically possible that the allocation of the `matched` + * array causes an OOM if (-count) is large enough and regular + * memory limiting in teco_machine_main_step() wouldn't help. + * That's why we exceptionally have to check before allocating. */ - g_autofree teco_range_t *matched = g_try_new(teco_range_t, -*count); - if (!matched) { - g_set_error(error, TECO_ERROR, TECO_ERROR_FAILED, - "Search count too small (%d)", *count); + if (!teco_memory_check(matched_size, error)) return FALSE; - } + + g_autofree teco_range_t *matched = g_malloc(matched_size); gint matched_total = 0, i = 0; |