D5464: parsers: better bounds checking in fm1readmarkers

Thu Dec 20 07:34:14 EST 2018

This revision was automatically updated to reflect the committed changes.
Closed by commit rHG5c68b617ba24: parsers: better bounds checking in fm1readmarkers (authored by durin42, committed by ).

REPOSITORY
  rHG Mercurial

CHANGES SINCE LAST UPDATE
  https://phab.mercurial-scm.org/D5464?vs=12913&id=12925

REVISION DETAIL
  https://phab.mercurial-scm.org/D5464

AFFECTED FILES
  mercurial/cext/parsers.c

CHANGE DETAILS

diff --git a/mercurial/cext/parsers.c b/mercurial/cext/parsers.c
--- a/mercurial/cext/parsers.c
+++ b/mercurial/cext/parsers.c
@@ -572,6 +572,17 @@
 	                      &offset, &stop)) {
 		return NULL;
 	}
+	if (offset < 0) {
+		PyErr_SetString(PyExc_ValueError,
+		                "invalid negative offset in fm1readmarkers");
+		return NULL;
+	}
+	if (stop > datalen) {
+		PyErr_SetString(
+		    PyExc_ValueError,
+		    "stop longer than data length in fm1readmarkers");
+		return NULL;
+	}
 	dataend = data + datalen;
 	data += offset;
 	markers = PyList_New(0);



To: durin42, #hg-reviewers
Cc: mercurial-devel
