From 7bfb26e47c8974b4b1b923bd767a0200bf91d28f Mon Sep 17 00:00:00 2001 From: Justin Jones Date: Thu, 26 Mar 2026 11:50:15 -0400 Subject: [PATCH 1/4] Fix truncation and add test --- src/parsers/token.c | 4 +++- tests/parsers/test_token.c | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/parsers/token.c b/src/parsers/token.c index 03cc53a..eaadb91 100644 --- a/src/parsers/token.c +++ b/src/parsers/token.c @@ -76,9 +76,11 @@ HParser *h_token(const uint8_t *str, const size_t len) { return h_token__m(&system_allocator, str, len); } HParser *h_token__m(HAllocator *mm__, const uint8_t *str, const size_t len) { + // Length has to be <= 255 (uint8) as definied by HToken struct + assert(len <= UINT8_MAX); HToken *t = h_new(HToken, 1); uint8_t *str_cpy = h_new(uint8_t, len); memcpy(str_cpy, str, len); - t->str = str_cpy, t->len = len; + t->str = str_cpy, t->len = (uint8_t)len; return h_new_parser(mm__, &token_vt, t); } diff --git a/tests/parsers/test_token.c b/tests/parsers/test_token.c index 80cd153..611191e 100644 --- a/tests/parsers/test_token.c +++ b/tests/parsers/test_token.c @@ -38,7 +38,29 @@ static void test_reshape_token(gconstpointer backend) { } } +// Test token.c: len not > UINT8_MAX assert +static void test_token_len_assert(gconstpointer backend) { + (void)backend; + + if (g_test_subprocess()) { + uint8_t expected[256]; + memset(expected, 0x41, sizeof(expected)); + + HParser *parser = h_token(expected, sizeof(expected)); + + // Shouldn't get here + (void)parser; + return; + } + + g_test_trap_subprocess(NULL, 0, 0); + g_test_trap_assert_failed(); +} + void register_token_tests(void) { g_test_add_data_func("/core/parser/packrat/reshape_token", GINT_TO_POINTER(PB_PACKRAT), test_reshape_token); + + g_test_add_data_func("/core/parser/packrat/token_len_assert", GINT_TO_POINTER(PB_PACKRAT), + test_token_len_assert); } From 671839abd5fb5a0cdb3c16ca96e61e099f56a36f Mon Sep 17 00:00:00 2001 From: Justin Jones Date: Tue, 31 Mar 2026 15:36:03 -0400 Subject: [PATCH 2/4] bump version and changelog --- VERSION | 2 +- debian/changelog | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 524cb55..45a1b3f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.1.1 +1.1.2 diff --git a/debian/changelog b/debian/changelog index bb19d6d..2ec0356 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +libmicrohammer (1.1.2-1) unstable; urgency=medium + + * Fix token length truncation bug from Issue#3 + * Document change to prevent confustion over magic number + * Add test to check that truncation bug is not possible + + -- Justin Jones Tue, 31 Mar 2026 15:00:00 -0500 + libmicrohammer (1.1.1-1) unstable; urgency=medium * Add scons uninstall target to remove installed libhammer files From fb1233a11f9f958bccc0a2a7e4de7ca136d3d228 Mon Sep 17 00:00:00 2001 From: Justin Jones Date: Tue, 31 Mar 2026 15:39:46 -0400 Subject: [PATCH 3/4] spelling mistake --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 2ec0356..98cc625 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,7 @@ libmicrohammer (1.1.2-1) unstable; urgency=medium * Fix token length truncation bug from Issue#3 - * Document change to prevent confustion over magic number + * Document change to prevent confusion over magic number * Add test to check that truncation bug is not possible -- Justin Jones Tue, 31 Mar 2026 15:00:00 -0500 From fe31cce79782df6ea49c17ed2ae7a3e78dc26e00 Mon Sep 17 00:00:00 2001 From: Mahmoud Elbasiouny Date: Tue, 31 Mar 2026 16:23:21 -0400 Subject: [PATCH 4/4] Small spelling fix --- src/parsers/token.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/parsers/token.c b/src/parsers/token.c index eaadb91..f67cf18 100644 --- a/src/parsers/token.c +++ b/src/parsers/token.c @@ -76,7 +76,7 @@ HParser *h_token(const uint8_t *str, const size_t len) { return h_token__m(&system_allocator, str, len); } HParser *h_token__m(HAllocator *mm__, const uint8_t *str, const size_t len) { - // Length has to be <= 255 (uint8) as definied by HToken struct + // Length has to be <= 255 (uint8) as defined by HToken struct assert(len <= UINT8_MAX); HToken *t = h_new(HToken, 1); uint8_t *str_cpy = h_new(uint8_t, len);