From c9b0de041041c8f8cb69f7d45f93d2c10836dae9 Mon Sep 17 00:00:00 2001
From: Max Brunsfeld
Date: Wed, 18 Jul 2018 11:24:15 -0700
Subject: [PATCH] Fix memory errors for deeply-nested HTML

---
 .npmignore | 1 +
 examples/deeply-nested-custom.html | 62 ++++++++++++++++++++++++++++++
 examples/deeply-nested.html | 62 ++++++++++++++++++++++++++++++
 package.json | 2 +-
 src/scanner.cc | 15 ++++++--
 5 files changed, 137 insertions(+), 5 deletions(-)
 create mode 100644 examples/deeply-nested-custom.html
 create mode 100644 examples/deeply-nested.html

diff --git a/.npmignore b/.npmignore
index 288afec..3e9f164 100644
--- a/.npmignore
+++ b/.npmignore
@@ -1,3 +1,4 @@
 corpus
+examples
 build
 script
diff --git a/examples/deeply-nested-custom.html b/examples/deeply-nested-custom.html
new file mode 100644
index 0000000..c7efc94
--- /dev/null
+++ b/examples/deeply-nested-custom.html
@@ -0,0 +1,62 @@
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/examples/deeply-nested.html b/examples/deeply-nested.html
new file mode 100644
index 0000000..c9dcb8b
--- /dev/null
+++ b/examples/deeply-nested.html
@@ -0,0 +1,62 @@
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/package.json b/package.json
index e1bfe84..449a1e6 100644
--- a/package.json
+++ b/package.json
@@ -20,6 +20,6 @@
 },
 "scripts": {
 "build": "tree-sitter generate && node-gyp build",
- "test": "tree-sitter test"
+ "test": "tree-sitter test && tree-sitter parse examples --quiet --time"
 }
 }
diff --git a/src/scanner.cc b/src/scanner.cc
index 5771cba..5b48c42 100644
--- a/src/scanner.cc
+++ b/src/scanner.cc
@@ -26,16 +26,21 @@ struct Scanner {
 unsigned serialize(char *buffer) {
 unsigned i = 0;
- unsigned n = tags.size();
- buffer[i++] = n;
+ size_t n = tags.size();
+ memcpy(buffer, &n, sizeof(n));
+ i += sizeof(n);
 for (unsigned j = 0; j < n; j++) {
 Tag &tag = tags[j];
- buffer[i++] = static_cast(tag.type);
 if (tag.type == CUSTOM) {
 unsigned name_length = tag.custom_tag_name.size();
+ if (i + 2 + name_length > TREE_SITTER_SERIALIZATION_BUFFER_SIZE) break;
+ buffer[i++] = static_cast(tag.type);
 buffer[i++] = name_length;
 tag.custom_tag_name.copy(&buffer[i], name_length);
 i += name_length;
+ } else {
+ if (i + 1 > TREE_SITTER_SERIALIZATION_BUFFER_SIZE) break;
+ buffer[i++] = static_cast(tag.type);
 }
 }
 return i;
@@ -45,7 +50,9 @@ struct Scanner {
 tags.clear();
 if (length > 0) {
 unsigned i = 0;
- unsigned n = buffer[i++];
+ size_t n;
+ memcpy(&n, buffer, sizeof(n));
+ i += sizeof(n);
 tags.resize(n);
 for (unsigned j = 0; j < n; j++) {
 Tag &tag = tags[j];
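Review bot: The count written at the top of `serialize` is `tags.size()`, but the two new `break` statements can stop the loop before all tags are written, so the serialized header then claims more tags than the buffer holds; `deserialize` (second hunk of this file) trusts that count with `tags.resize(n)` and loops `n` times, reading tag records that were never written. The count should be the number of tags actually serialized, which is only known after the loop: reserve `sizeof(size_t)` bytes up front, count successful iterations, and `memcpy` the count into the reserved slot at the end. The closing brace of `serialize` lies outside the hunk.
```cpp
unsigned serialize(char *buffer) {
  size_t n = tags.size();
  unsigned i = sizeof(n);  // reserve the count slot; filled in after the loop
  size_t written = 0;
  for (unsigned j = 0; j < n; j++) {
    // … unchanged: per-tag bounds checks and writes, each `break`-ing when the buffer is full …
    written++;
  }
  memcpy(buffer, &written, sizeof(written));
  return i;
```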
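Review bot: In `deserialize`, the guard `if (length > 0)` only establishes that one byte is present, yet the new `memcpy(&n, buffer, sizeof(n))` reads `sizeof(size_t)` bytes, so a short buffer is read past its end; the guard should become `if (length >= sizeof(size_t)) {`. The per-tag reads that follow `Tag &tag = tags[j];` are outside the hunk, so I cannot see whether they compare `i` against `length`; if they do not, the count recovered here should also be bounded by what `length` can hold before `tags.resize(n)`.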