stb_vorbis doesn't build as C++ #1
Comments
Oh, looking at Still makes me a bit weary of how well all these fixes merged together interact with each other..

Thank you for the issue! I'll put in a fix right now, and add some testing to make sure everything builds.

Awesome, thanks!
…different terminology -- one correctly deallocated temp memory, while the other added more deallocations in error cases. The fix is to merge the terminology of one with the new lines of code in the other.
…arious issues that came up in the tests; the worst is probably an out-of-bounds write when stb_sprintf's second argument is 0. (See issue #1).

Details:

deprecated/stb.h:
* Fix crash when computing perfect hashes over a table of size 1, due to stb_log2_floor returning -1 for an input of 1 when it should only return -1 for an input of 0.
* Fix undefined behavior in call to strcpy_s: The size term must be the size of the destination buffer; if it's too large, it's UB (and crashes MSVC, which assumes it can copy in chunks that large).

stb_sprintf.h:
* Add STBSP__ASAN definition
* Fix OOB write in the case where `count == 0`.

tests/grid_reachability.c:
* Fix printf specifier: %d -> %zu for size_t

tests/stb.c:
* Fix printf specifier: %d -> %zu for size_t
* Turn off code using STUA, as this does not appear to be present in current versions of stb.
* Change from `__asm int 3;` to `__debugbreak()`, as the former syntax is not supported in VS 2022.

test/test_ds.c:
* Fix segfault: the issue was that in `arrins(temp, arrlen(temp), 'b')`, `arrins` is a macro, so `arrlen(temp)` gets inserted into multiple places; as a result, one part of the expanded macro used a size of 1 and the other used a size of 2, leading to a write at a bad index.

test/test_sprintf.c:
* Fix header for ssize_t on Windows

tests/test_vorbis.c:
* Look for sketch008.ogg in a local directory rather than hardcoding the path to it.
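The `arrins(temp, arrlen(temp), 'b')` segfault described in the commit message above comes from a macro argument being expanded both before and after the length changes. The following is an added example, not code from stb or this fork: `vec`, `VEC_LEN`, `VEC_INS_UNSAFE` and `vec_ins` are hypothetical names for a constructed miniature, and it does not reproduce the real `arrins` expansion.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed miniature array with spare capacity, so the misplaced store
   below stays inside `data` and the demo is safe to run. Not stb_ds code. */
typedef struct { char data[8]; size_t len; } vec;
#define VEC_LEN(v) ((v)->len)

/* Unsafe: `idx` is expanded four times, before AND after len changes. */
#define VEC_INS_UNSAFE(v, idx, ch) do {                                  \
    size_t tail = (v)->len - (idx);          /* idx read with old len */ \
    (v)->len++;                                                          \
    memmove(&(v)->data[(idx) + 1], &(v)->data[(idx)], tail);             \
    (v)->data[(idx)] = (ch);                 /* idx read with new len */ \
} while (0)

/* Safe: a function evaluates each argument exactly once and checks bounds. */
static int vec_ins(vec *v, size_t idx, char ch) {
    if (idx > v->len || v->len >= sizeof v->data) return -1;
    memmove(&v->data[idx + 1], &v->data[idx], v->len - idx);
    v->data[idx] = ch;
    v->len++;
    return 0;
}

/* Index at which 'b' actually landed after "appending" it to "a". */
static size_t append_b_unsafe(void) {
    vec v = { "a", 1 };
    /* Same call shape as arrins(temp, arrlen(temp), 'b'). */
    VEC_INS_UNSAFE(&v, VEC_LEN(&v), 'b');
    return (size_t)((char *)memchr(v.data, 'b', sizeof v.data) - v.data);
}

static size_t append_b_safe(void) {
    vec v = { "a", 1 };
    if (vec_ins(&v, VEC_LEN(&v), 'b') != 0) return (size_t)-1;
    return (size_t)((char *)memchr(v.data, 'b', sizeof v.data) - v.data);
}

int main(void) {
    /* The new length is 2, so valid indices are 0..1. */
    printf("unsafe macro stored 'b' at index %zu\n", append_b_unsafe());
    printf("function stored 'b' at index %zu\n", append_b_safe());
    return 0;
}
```

In a heap-backed array sized exactly to its length, the store at index 2 would be the write at a bad index that the commit message describes.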
Thank you! I think I've got a fix for it in 2e9cec9. That fork's perfect; I'm going to see if I can import its tests and run through all of those and add a simple vorbis fuzzer before closing this issue.

On the testing side, I've added a CMake project with an initial go at building the various projects in That wound up finding a couple of issues, which I think I've fixed in 5ebf39c. The biggest one is that a line like
would make stb_sprintf write a null terminator to

The other issue is that stb_c_lexer_fuzzer.c pretty much immediately finds a crash (a file that consists entirely of an identifier will make it read past the end). That's not good.
…igate resource exhaustion attack by checking size against length of stream.
As of ca527d1, this fork now has the tests from sezero's fork, and a vorbis fuzzer! Good news:
I'm going to go ahead and close this issue, since I think the original issue (compilation) has now been fixed. Thanks again for reporting this!

Great work, thank you! :)
So far stb_vorbis.c could be built as C++ (I usually rename it to stb_vorbis.h and use it more or less like the other stb libs).
With the changes in this repo that doesn't work anymore
I haven't tried with MSVC, but GCC (g++) gives errors like this:
This happens in several other places where `setup_temp_free()` is called, and the issue is always that a `uint8 *` value is passed as second argument of `setup_temp_free()` which expects a `void **`.

I'm not sure how this code can work anywhere (even when compiled as C, which might be more tolerant with the implicit conversion) - `uint8 * lengths` gets the return value of `setup_temp_malloc(whatever)` assigned - and as far as I understand, those results are supposed to be passed dereferenced to `setup_temp_free()`, so `setup_temp_free()` can set the pointer to NULL (`void *p = *_p; *_p = NULL;`). So the example shown above should probably look like `if (c->sparse) setup_temp_free(f, &lengths, c->entries);`.

Changing the code to make the compiler happy would be easy enough, but TBH with errors like this I don't trust the changes that changed `setup_temp_free()` to take a pointer to a pointer enough to use them at all, and I don't have the time to review them thoroughly enough to figure out why this code apparently worked for whoever wrote it, despite appearing to be plainly wrong.

Update: Oh by the way, thanks a lot for maintaining this repo! :)