Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix potential soundness hole in version comparison #1358

Merged
merged 16 commits into from
Nov 15, 2022
Merged

Fix potential soundness hole in version comparison #1358

merged 16 commits into from
Nov 15, 2022

Conversation

hannobraun
Copy link
Owner

From one of the commit messages:

Going over the relevant parts of the standard library documentation with a fine comb, I realized that a pointer casted from a reference is only valid, if only raw pointers are used to access that memory.[1]

I don't know if this carries over to the pointer returned by str::as_ptr, but if it does, this could have indeed been a soundness hole, as the original str is still used, in fj-app's args module.

This could be the fix required for #1307, but having no access to Windows, I cannot be sure.

@hannobraun
Add debug output
917a9ba
@hannobraun
Add RawVersion::from_static_str
b59d4b1
@hannobraun
Make fields of RawVersion private
cda59d0 
This guarantees that a `RawVersion` can't be constructed from outside of
its module, allowing its methods to make more assumptions about its
fields. The benefits of this aren't realized yet.
@hannobraun
Rename RawVersion to Version
d650f9b 
There was no `Version`, so need for a prefix to distinguish this struct
from anything else. Any raw-ness that is inherent to it is an
implementation detail, and doesn't' need to be reflected in the name.
@hannobraun
Implement Send for Version
690d2ae
@hannobraun
Implement Sync for Version
0756724
@hannobraun
Make Version::to_string safe to call
60dbabb
@hannobraun
Update use
3a473bc
@hannobraun
Implement Display for Version
788242c
@hannobraun
Refactor
68de23a
@hannobraun
Make variable names more specific
7427ae2
@hannobraun
Derive some traits for Version
dd76816
@hannobraun
Enable string feature of clap
c6fd5e0 
This is needed to be able to pass a `String` to `#[command]` attributes
`version` parameter, which I'm about to do.
@hannobraun
Fix potential soundness hole
5a70a58 
Store `Version` in the version `static`s, instead of storing a `&'static
str` there and converting the version from that.

Going over the relevant parts of the standard library documentation with
a fine comb, I realized that a pointer casted from a reference is only
valid, if only raw pointers are used to access that memory.[1]

I don't know if this carries over to the pointer returned by
`str::as_ptr`, but if it does, this could have indeed been a soundness
hole, as the original `str` is still used, in `fj-app`'s `args` module.

[1]: https://doc.rust-lang.org/std/ptr/index.html#safety
@hannobraun
Don't mangle names of version statics
2daa042
@hannobraun
Bypass redundant version functions
5b8d94a
@hannobraun hannobraun merged commit f8c813d into main Nov 15, 2022
@hannobraun hannobraun deleted the version branch November 15, 2022 14:37
This was referenced Nov 15, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hannobraun