From 56384396e5501ebcf7276caa2cb561023d3c3d12 Mon Sep 17 00:00:00 2001 From: Edwin Mons Date: Fri, 9 Nov 2018 10:15:38 +0100 Subject: Remove numeric_casts from XML parsers The code has been updated to use asserts where a sensible recovery path was deemed impossible, and a conditional return for parse. In general, our XML parsing will fail for any single parse of a document over roughly 2 2GiB, which is probably not going to be a practical issue soon. Test-Information: Unit tests pass on macOS 10.13 using Expat and Debian 9 using LibXML Change-Id: I3a8da802860028ea278b322af081c2b22b55a442 diff --git a/Swiften/Parser/ExpatParser.cpp b/Swiften/Parser/ExpatParser.cpp index 77d959c..8415c42 100644 --- a/Swiften/Parser/ExpatParser.cpp +++ b/Swiften/Parser/ExpatParser.cpp @@ -7,13 +7,12 @@ #include #include +#include #include #include #include -#include - #include #include @@ -84,7 +83,10 @@ ExpatParser::~ExpatParser() { } bool ExpatParser::parse(const std::string& data) { - bool success = XML_Parse(p->parser_, data.c_str(), boost::numeric_cast(data.size()), false) == XML_STATUS_OK; + if (data.size() > std::numeric_limits::max()) { + return false; + } + bool success = XML_Parse(p->parser_, data.c_str(), static_cast(data.size()), false) == XML_STATUS_OK; /*if (!success) { std::cout << "ERROR: " << XML_ErrorString(XML_GetErrorCode(p->parser_)) << " while parsing " << data << std::endl; }*/ diff --git a/Swiften/Parser/LibXMLParser.cpp b/Swiften/Parser/LibXMLParser.cpp index be0a92d..5bd3737 100644 --- a/Swiften/Parser/LibXMLParser.cpp +++ b/Swiften/Parser/LibXMLParser.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2016 Isode Limited. + * Copyright (c) 2010-2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ @@ -8,11 +8,10 @@ #include #include +#include #include #include -#include - #include #include @@ -36,11 +35,12 @@ static void handleStartElement(void* parser, const xmlChar* name, const xmlChar* if (attributes[i+2]) { attributeNS = std::string(reinterpret_cast(attributes[i+2])); } + assert(attributes[i+4] >= attributes[i+3]); attributeValues.addAttribute( std::string(reinterpret_cast(attributes[i])), attributeNS, std::string(reinterpret_cast(attributes[i+3]), - boost::numeric_cast(attributes[i+4]-attributes[i+3]))); + static_cast(attributes[i+4]-attributes[i+3]))); } static_cast(parser)->getClient()->handleStartElement(reinterpret_cast(name), (xmlns ? reinterpret_cast(xmlns) : std::string()), attributeValues); } @@ -50,7 +50,8 @@ static void handleEndElement(void *parser, const xmlChar* name, const xmlChar*, } static void handleCharacterData(void* parser, const xmlChar* data, int len) { - static_cast(parser)->getClient()->handleCharacterData(std::string(reinterpret_cast(data), boost::numeric_cast(len))); + assert(len >= 0); + static_cast(parser)->getClient()->handleCharacterData(std::string(reinterpret_cast(data), static_cast(len))); } static void handleError(void*, const char* /*m*/, ... ) { @@ -94,7 +95,10 @@ LibXMLParser::~LibXMLParser() { } bool LibXMLParser::parse(const std::string& data) { - if (xmlParseChunk(p->context_, data.c_str(), boost::numeric_cast(data.size()), false) == XML_ERR_OK) { + if (data.size() > std::numeric_limits::max()) { + return false; + } + if (xmlParseChunk(p->context_, data.c_str(), static_cast(data.size()), false) == XML_ERR_OK) { return true; } xmlError* error = xmlCtxtGetLastError(p->context_); -- cgit v0.10.2-6-g49f6