jit: avoid integer wraparound in stack size definition (#42)

pcre2_jit_stack_create() allows the user to indicate how big of a
stack size JIT should be able to allocate and use, using a size_t
variable which should be able to hold bigger values than reasonable.

Internally, the value is rounded to the next 8K, but if the value
is unreasonable large, would overflow and could result in a smaller
than expected stack or a maximun size that is smaller than the
minimum..

Avoid the overflow by checking the value and failing early, and
while at it make the check clearer while documenting the failure
mode.

Signed-off-by: Carlo Marcelo Arenas Belón <carenas@gmail.com>
This commit is contained in:
Carlo Marcelo Arenas Belón 2021-11-19 00:23:46 -08:00 committed by GitHub
parent 46890604a4
commit eb42305f07
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions

View File

@ -22,7 +22,8 @@ allocation. The result can be passed to the JIT run-time code by calling
\fBpcre2_jit_stack_assign()\fP to associate the stack with a compiled pattern, \fBpcre2_jit_stack_assign()\fP to associate the stack with a compiled pattern,
which can then be processed by \fBpcre2_match()\fP or \fBpcre2_jit_match()\fP. which can then be processed by \fBpcre2_match()\fP or \fBpcre2_jit_match()\fP.
A maximum stack size of 512KiB to 1MiB should be more than enough for any A maximum stack size of 512KiB to 1MiB should be more than enough for any
pattern. For more details, see the pattern. If the stack couldn't be allocated or the values passed were not
reasonable, NULL will be returned. For more details, see the
.\" HREF .\" HREF
\fBpcre2jit\fP \fBpcre2jit\fP
.\" .\"

View File

@ -135,7 +135,7 @@ return NULL;
pcre2_jit_stack *jit_stack; pcre2_jit_stack *jit_stack;
if (startsize < 1 || maxsize < 1) if (startsize == 0 || maxsize == 0 || maxsize > PCRE2_SIZE_MAX - STACK_GROWTH_RATE)
return NULL; return NULL;
if (startsize > maxsize) if (startsize > maxsize)
startsize = maxsize; startsize = maxsize;