[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
avoiding access to NULL pointers coming from user customizations?
From: |
Patrice Dumas |
Subject: |
avoiding access to NULL pointers coming from user customizations? |
Date: |
Sat, 4 May 2024 19:28:01 +0200 |
Hello,
With texi2any, customization variables can be set in Perl and used in C.
Customization variable strings undef in Perl become NULL char * pointers in
C, which is a natural and convenient representation. Some
customization strings are tested in C code to make sure that they are
not NULL.
There is another possibility, some customization variables
are reset before the conversion to strings if they are undef. In that
case it is assumed in C that they are never NULL. However, it is
possible to set the variables to undef again, in user-defined
Perl customization code called from C during conversion. It would be
unlikely for that to happen by chance, but could happen on purpose.
In that case, there would be a segfault, described by valgrind as
Invalid read of size 1
Access not within mapped region at address 0x0
My guess is that it is not a problem in term of security, but I may be
wrong.
Is it an issue to leave the possibility of incorrect memory access?
--
Pat
- avoiding access to NULL pointers coming from user customizations?,
Patrice Dumas <=