[stdlib] Fix input() segfaults on EOF
#3919
Closed
+38
−3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Raysan Alawami <[email protected]>
Signed-off-by: Raysan Alawami <[email protected]>
mahiro21h
force-pushed
the
fix-input-segfaults-on-eof
branch
from
52df8e1 to
df55a1f
Compare
mahiro21h
changed the title
mahiro21h
changed the title
input() segfaults on EOF
Signed-off-by: Joe Loser <[email protected]>
|
!sync |
modularbot
added
the
imported-internally
|
✅🟣 This contribution has been merged 🟣✅ Your pull request has been merged to the internal upstream Mojo sources. It will be reflected here in the Mojo repository on the nightly branch during the next Mojo nightly release, typically within the next 24-48 hours. We use Copybara to merge external contributions, click here to learn more. |
modularbot
added
merged-internally
|
Landed in 4ef6859! Thank you for your contribution 🎉 |
modularbot
pushed a commit
that referenced
this pull request
Jan 16, 2025
[External] [stdlib] Fix `input()` segfaults on EOF pressing `ctrl-d` with no input when `input()` is called causes mojo to crash because `read_until_delimiter()` doesn't check the return value of the C function `getdelim()`. it assumes `getdelim()` always succeeds and so, in the case of an error, it blindly creates a `StringRef` with its length set to the return value - 1 (so the length is -2 in this case). this `StringRef` is then passed to `String()` which in turn passes the `StringRef` to `memcpy()` with a count of -2 and ultimately crashing mojo. this pr adds a check in `read_until_delimiter()` to check if `getdelim()` failed and raise an error if it does, along with a test to ensure `read_until_delimiter()` continues to behave as it should. Fixes #3908 Co-authored-by: mahiro21h <[email protected]> Closes #3919 MODULAR_ORIG_COMMIT_REV_ID: c3457f3377bfcfe0379e31fbd31e72ec53fe7516
jjvraw
pushed a commit
to jjvraw/mojo
that referenced
this pull request
Jan 16, 2025
[External] [stdlib] Fix `input()` segfaults on EOF pressing `ctrl-d` with no input when `input()` is called causes mojo to crash because `read_until_delimiter()` doesn't check the return value of the C function `getdelim()`. it assumes `getdelim()` always succeeds and so, in the case of an error, it blindly creates a `StringRef` with its length set to the return value - 1 (so the length is -2 in this case). this `StringRef` is then passed to `String()` which in turn passes the `StringRef` to `memcpy()` with a count of -2 and ultimately crashing mojo. this pr adds a check in `read_until_delimiter()` to check if `getdelim()` failed and raise an error if it does, along with a test to ensure `read_until_delimiter()` continues to behave as it should. Fixes modularml#3908 Co-authored-by: mahiro21h <[email protected]> Closes modularml#3919 MODULAR_ORIG_COMMIT_REV_ID: c3457f3377bfcfe0379e31fbd31e72ec53fe7516 Signed-off-by: Joshua James Venter <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
pressing
ctrl-dwith no input wheninput()is called causes mojo to crash becauseread_until_delimiter()doesn't check the return value of the C functiongetdelim(). it assumesgetdelim()always succeeds and so, in the case of an error, it blindly creates aStringRefwith its length set to the return value - 1 (so the length is -2 in this case). thisStringRefis then passed toString()which in turn passes theStringReftomemcpy()with a count of -2 and ultimately crashing mojo.this pr adds a check in
read_until_delimiter()to check ifgetdelim()failed and raise an error if it does, along with a test to ensureread_until_delimiter()continues to behave as it should.related issue: #3908
closes: #3908