From 182f4f9ca2c2512b930937ce5ebfd7af80a2d991 Mon Sep 17 00:00:00 2001 From: Hernan Martinez Date: Thu, 23 Jun 2022 00:00:25 -0600 Subject: [PATCH 1/3] Add missing --- src/WinTLSSession.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/WinTLSSession.h b/src/WinTLSSession.h index 21c74624..14e9beee 100644 --- a/src/WinTLSSession.h +++ b/src/WinTLSSession.h @@ -37,7 +37,7 @@ #define WIN_TLS_SESSION_H #include - +#include #include "common.h" #include "TLSSession.h" #include "WinTLSContext.h" From 15a96209cd0a25fea4398b8c6f6ccd3a488829c9 Mon Sep 17 00:00:00 2001 From: Nikita Ofitserov Date: Tue, 23 Aug 2022 20:27:39 +0300 Subject: [PATCH 2/3] Fix Metalink4 parsing with foreign namespaces Rename local checkNsUri helper function to make boolean conditions easily readable, as the issue was not apparent with the old helper function name. --- src/MetalinkParserStateV4Impl.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/MetalinkParserStateV4Impl.cc b/src/MetalinkParserStateV4Impl.cc index 43fdeec0..4fee5c33 100644 --- a/src/MetalinkParserStateV4Impl.cc +++ b/src/MetalinkParserStateV4Impl.cc @@ -47,7 +47,7 @@ namespace aria2 { const char METALINK4_NAMESPACE_URI[] = "urn:ietf:params:xml:ns:metalink"; namespace { -bool checkNsUri(const char* nsUri) +bool isMetalink4Ns(const char* nsUri) { return nsUri && strcmp(nsUri, METALINK4_NAMESPACE_URI) == 0; } @@ -57,7 +57,7 @@ void MetalinkMetalinkParserStateV4::beginElement( MetalinkParserStateMachine* psm, const char* localname, const char* prefix, const char* nsUri, const std::vector& attrs) { - if (checkNsUri(nsUri) && strcmp(localname, "file") != 0) { + if (!isMetalink4Ns(nsUri) || strcmp(localname, "file") != 0) { psm->setSkipTagState(); return; } 
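Review bot: The corrected guard in `MetalinkMetalinkParserStateV4::beginElement` ships without a regression test; the diffstat for this patch lists only `src/MetalinkParserStateV4Impl.cc`. Metalink documents are normally fetched from a remote server, so the parser is worth pinning with two cases: an element named `file` in a foreign namespace is skipped, and a `file` element in the Metalink4 namespace is still accepted. A one-line comment above the condition would also stop the `&&`/`||` mix-up from returning, e.g. `// Only a <file> element in the Metalink4 namespace is handled here; everything else is skipped.` The body of `beginElement` continues past the end of the hunk, so whether `localname` can be null when it reaches `strcmp` cannot be judged from these lines.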
@@ -83,7 +83,7 @@ void FileMetalinkParserStateV4::beginElement(MetalinkParserStateMachine* psm, const char* nsUri, const std::vector& attrs) { - if (!checkNsUri(nsUri)) { + if (!isMetalink4Ns(nsUri)) { psm->setSkipTagState(); } else if (strcmp(localname, "size") == 0) { @@ -293,7 +293,7 @@ void PiecesMetalinkParserStateV4::beginElement( MetalinkParserStateMachine* psm, const char* localname, const char* prefix, const char* nsUri, const std::vector& attrs) { - if (checkNsUri(nsUri) && strcmp(localname, "hash") == 0) { + if (isMetalink4Ns(nsUri) && strcmp(localname, "hash") == 0) { psm->setPieceHashStateV4(); } else { From 42038422f6f43926d4103c27587b5db60ebde747 Mon Sep 17 00:00:00 2001 From: Nikita Ofitserov Date: Wed, 24 Aug 2022 17:28:04 +0300 Subject: [PATCH 3/3] Fix undefined behavior/crash in GZipEncoder When the output buffer is full, outbuf[produced] references past the buffer end, leading to UB and a possible assertion failure. Fixes #1968, #1964 --- src/GZipEncoder.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/GZipEncoder.cc b/src/GZipEncoder.cc index 884485ee..41cfce5a 100644 --- a/src/GZipEncoder.cc +++ b/src/GZipEncoder.cc @@ -87,7 +87,7 @@ std::string GZipEncoder::encode(const unsigned char* in, size_t length, throw DL_ABORT_EX(fmt("libz::deflate() failed. cause:%s", strm_->msg)); } size_t produced = outbuf.size() - strm_->avail_out; - out.append(&outbuf[0], &outbuf[produced]); + out.append(outbuf.data(), outbuf.data() + produced); if (strm_->avail_out > 0) { break; }
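Review bot: Nothing in this commit exercises the full-buffer case that the message describes; the diffstat lists only `src/GZipEncoder.cc`. A test that feeds `GZipEncoder::encode` enough input to leave `strm_->avail_out` at 0 at least once would guard the `outbuf.data() + produced` form against being simplified back to indexing. A short comment on that line would record the reason, e.g. `// produced may equal outbuf.size(); outbuf[produced] would index past the end.` Separately, the context line above formats `strm_->msg` with `%s`; zlib can leave `msg` null on some error returns, so a fallback such as `strm_->msg ? strm_->msg : "unknown"` may be worth adding if `fmt` does not tolerate a null argument. The function starts and ends outside the hunk, so the surrounding loop and error check are not visible here.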