summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEdwin Mons <edwin.mons@isode.com>2018-11-09 09:15:38 (GMT)
committerEdwin Mons <edwin.mons@isode.com>2018-11-09 13:43:02 (GMT)
commit56384396e5501ebcf7276caa2cb561023d3c3d12 (patch)
treea9365158591c420fe4fe16e661264b9d56f54bce /Swiften/Parser
parenta45eed2d826f60a20dfd1f4f06df37d1f83263f8 (diff)
downloadswift-56384396e5501ebcf7276caa2cb561023d3c3d12.zip
swift-56384396e5501ebcf7276caa2cb561023d3c3d12.tar.bz2
Remove numeric_casts from XML parsers
The code has been updated to use asserts where a sensible recovery path was deemed impossible, and a conditional return for parse. In general, our XML parsing will fail for any single parse of a document over roughly 2 2GiB, which is probably not going to be a practical issue soon. Test-Information: Unit tests pass on macOS 10.13 using Expat and Debian 9 using LibXML Change-Id: I3a8da802860028ea278b322af081c2b22b55a442
Diffstat (limited to 'Swiften/Parser')
-rw-r--r--Swiften/Parser/ExpatParser.cpp8
-rw-r--r--Swiften/Parser/LibXMLParser.cpp16
2 files changed, 15 insertions, 9 deletions
diff --git a/Swiften/Parser/ExpatParser.cpp b/Swiften/Parser/ExpatParser.cpp
index 77d959c..8415c42 100644
--- a/Swiften/Parser/ExpatParser.cpp
+++ b/Swiften/Parser/ExpatParser.cpp
@@ -7,13 +7,12 @@
#include <Swiften/Parser/ExpatParser.h>
#include <cassert>
+#include <limits>
#include <memory>
#include <string>
#include <expat.h>
-#include <boost/numeric/conversion/cast.hpp>
-
#include <Swiften/Base/String.h>
#include <Swiften/Parser/XMLParserClient.h>
@@ -84,7 +83,10 @@ ExpatParser::~ExpatParser() {
}
bool ExpatParser::parse(const std::string& data) {
- bool success = XML_Parse(p->parser_, data.c_str(), boost::numeric_cast<int>(data.size()), false) == XML_STATUS_OK;
+ if (data.size() > std::numeric_limits<int>::max()) {
+ return false;
+ }
+ bool success = XML_Parse(p->parser_, data.c_str(), static_cast<int>(data.size()), false) == XML_STATUS_OK;
/*if (!success) {
std::cout << "ERROR: " << XML_ErrorString(XML_GetErrorCode(p->parser_)) << " while parsing " << data << std::endl;
}*/
diff --git a/Swiften/Parser/LibXMLParser.cpp b/Swiften/Parser/LibXMLParser.cpp
index be0a92d..5bd3737 100644
--- a/Swiften/Parser/LibXMLParser.cpp
+++ b/Swiften/Parser/LibXMLParser.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2010-2016 Isode Limited.
+ * Copyright (c) 2010-2018 Isode Limited.
* All rights reserved.
* See the COPYING file for more information.
*/
@@ -8,11 +8,10 @@
#include <cassert>
#include <cstring>
+#include <limits>
#include <memory>
#include <string>
-#include <boost/numeric/conversion/cast.hpp>
-
#include <libxml/parser.h>
#include <Swiften/Base/Log.h>
@@ -36,11 +35,12 @@ static void handleStartElement(void* parser, const xmlChar* name, const xmlChar*
if (attributes[i+2]) {
attributeNS = std::string(reinterpret_cast<const char*>(attributes[i+2]));
}
+ assert(attributes[i+4] >= attributes[i+3]);
attributeValues.addAttribute(
std::string(reinterpret_cast<const char*>(attributes[i])),
attributeNS,
std::string(reinterpret_cast<const char*>(attributes[i+3]),
- boost::numeric_cast<size_t>(attributes[i+4]-attributes[i+3])));
+ static_cast<size_t>(attributes[i+4]-attributes[i+3])));
}
static_cast<XMLParser*>(parser)->getClient()->handleStartElement(reinterpret_cast<const char*>(name), (xmlns ? reinterpret_cast<const char*>(xmlns) : std::string()), attributeValues);
}
@@ -50,7 +50,8 @@ static void handleEndElement(void *parser, const xmlChar* name, const xmlChar*,
}
static void handleCharacterData(void* parser, const xmlChar* data, int len) {
- static_cast<XMLParser*>(parser)->getClient()->handleCharacterData(std::string(reinterpret_cast<const char*>(data), boost::numeric_cast<size_t>(len)));
+ assert(len >= 0);
+ static_cast<XMLParser*>(parser)->getClient()->handleCharacterData(std::string(reinterpret_cast<const char*>(data), static_cast<size_t>(len)));
}
static void handleError(void*, const char* /*m*/, ... ) {
@@ -94,7 +95,10 @@ LibXMLParser::~LibXMLParser() {
}
bool LibXMLParser::parse(const std::string& data) {
- if (xmlParseChunk(p->context_, data.c_str(), boost::numeric_cast<int>(data.size()), false) == XML_ERR_OK) {
+ if (data.size() > std::numeric_limits<int>::max()) {
+ return false;
+ }
+ if (xmlParseChunk(p->context_, data.c_str(), static_cast<int>(data.size()), false) == XML_ERR_OK) {
return true;
}
xmlError* error = xmlCtxtGetLastError(p->context_);