
Check for empty buffer when rendering #254

Merged
merged 3 commits, Mar 18, 2019

Conversation

philipturnbull
Contributor

This minor bug came in via GitHub's Bug Bounty program. I did some digging and we didn't find this bug via fuzzing because we discard all empty documents in test/cmark-fuzz.c. I tweaked the fuzzing harness to accept empty documents.

I also noticed we use a fixed width when fuzzing. Allow the width parameter to be fuzzed too for better coverage.

For empty documents, `->size` is zero so
`renderer.buffer->ptr[renderer.buffer->size - 1]` will cause an out-of-bounds
read. Empty buffers always point to the global `cmark_strbuf__initbuf` buffer
so we read `cmark_strbuf__initbuf[-1]`.

We currently discard fuzz test-cases that are empty but empty inputs are valid
markdown. This improves the fuzzing coverage slightly.

Allow the `width` parameter to be generated too so we get better fuzz-coverage.
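The following is an added illustration of the two points above (guarding the `ptr[size - 1]` read on an empty buffer, and letting the fuzz harness feed both an empty document and a fuzzed width); it is not cmark's code and not part of this pull request. The `strbuf` type, the `initbuf` array, the fuzz-input layout and the toy `render` function are all hypothetical stand-ins: the real `cmark_strbuf`, `cmark_strbuf__initbuf` and `test/cmark-fuzz.c` differ. The purpose of the original check is assumed here to be "make sure the output ends in a newline"; the page does not state it, and the point being shown is only that `size` must be tested before `ptr[size - 1]` is touched.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical minimal growable buffer with the ptr/size pair the PR
 * describes; a stand-in for cmark_strbuf, not the real thing. */
typedef struct {
    unsigned char *ptr;
    size_t size;
    size_t cap;
} strbuf;

/* All empty buffers share one global backing store, mirroring what the PR
 * says about cmark_strbuf__initbuf. Reading ptr[size - 1] while size == 0
 * would index one byte before this array (the out-of-bounds read). */
static unsigned char initbuf[1] = {0};

static void strbuf_init(strbuf *b) { b->ptr = initbuf; b->size = 0; b->cap = 0; }

static void strbuf_putc(strbuf *b, unsigned char c) {
    if (b->size + 1 > b->cap) {
        size_t ncap = b->cap ? b->cap * 2 : 16;
        unsigned char *np = malloc(ncap);
        if (!np) abort();
        if (b->size) memcpy(np, b->ptr, b->size);
        if (b->ptr != initbuf) free(b->ptr);
        b->ptr = np;
        b->cap = ncap;
    }
    b->ptr[b->size++] = c;
}

static void strbuf_free(strbuf *b) {
    if (b->ptr != initbuf) free(b->ptr);
    strbuf_init(b);
}

/* Guarded form of the check: the size test short-circuits before the
 * ptr[size - 1] read, so an empty buffer never touches initbuf[-1]. */
static int needs_final_newline(const strbuf *b) {
    return b->size == 0 || b->ptr[b->size - 1] != '\n';
}

/* Toy renderer: copies the document into the buffer, then applies the
 * guarded check. An empty document is a valid input here. */
static void render(const unsigned char *doc, size_t len, strbuf *out) {
    for (size_t i = 0; i < len; i++)
        strbuf_putc(out, doc[i]);
    if (needs_final_newline(out))
        strbuf_putc(out, '\n');
}

/* Hypothetical fuzz-input layout (not test/cmark-fuzz.c): byte 0 selects the
 * width option, the rest is the document. Zero- and one-byte inputs are
 * accepted, so the empty document is exercised instead of being discarded. */
static void split_fuzz_input(const unsigned char *data, size_t len, int *width,
                             const unsigned char **doc, size_t *doc_len) {
    if (len == 0) {
        *width = 0;
        *doc = data;
        *doc_len = 0;
        return;
    }
    *width = data[0];
    *doc = data + 1;
    *doc_len = len - 1;
}

/* One fuzz iteration: returns the rendered size so the result is checkable. */
static size_t fuzz_one(const unsigned char *data, size_t len) {
    int width;
    const unsigned char *doc;
    size_t doc_len;
    split_fuzz_input(data, len, &width, &doc, &doc_len);
    (void)width; /* the toy renderer does no wrapping; a real harness passes it on */
    strbuf out;
    strbuf_init(&out);
    render(doc, doc_len, &out);
    size_t n = out.size;
    strbuf_free(&out);
    return n;
}

int main(void) {
    /* Constructed inputs: empty, width byte only, width byte plus document. */
    const unsigned char *cases[] = {(const unsigned char *)"",
                                    (const unsigned char *)"W",
                                    (const unsigned char *)"Wabc"};
    size_t lens[] = {0, 1, 4};
    for (int i = 0; i < 3; i++)
        printf("input len %zu -> rendered size %zu\n", lens[i],
               fuzz_one(cases[i], lens[i]));
    return 0;
}
```

The empty case is the one the original harness never reached: `split_fuzz_input` hands `render` a zero-length document, the buffer still points at `initbuf`, and only the `size == 0` short-circuit keeps the final-newline check from reading before the array.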
@kivikakk kivikakk deleted the empty-input branch February 5, 2019 03:01
@jgm jgm merged commit ca8ef74 into commonmark:master Mar 18, 2019
@jgm
Member

jgm commented Mar 18, 2019

Belated thanks!

talum referenced this pull request in github/cmark-gfm Sep 14, 2021
Check for empty buffer when rendering
QuietMisdreavus pushed a commit to swiftlang/swift-cmark that referenced this pull request Apr 6, 2023
…ent_footnote_def

Expose `cmark_node_parent_footnote_def`.