From 808a08a363591abf754fafd93ec3f44c686486ec Mon Sep 17 00:00:00 2001 From: Scott McMurray Date: Sun, 4 Jun 2017 11:08:25 -0700 Subject: [PATCH] Add overflow checking for str::get with inclusive ranges Fixes #42401 --- src/libcollections/tests/lib.rs | 1 + src/libcollections/tests/str.rs | 42 +++++++++++++++++++++++++++++++++ src/libcore/str/mod.rs | 16 +++++++++---- 3 files changed, 55 insertions(+), 4 deletions(-) diff --git a/src/libcollections/tests/lib.rs b/src/libcollections/tests/lib.rs index 8af8786994e..f64a549a05d 100644 --- a/src/libcollections/tests/lib.rs +++ b/src/libcollections/tests/lib.rs @@ -22,6 +22,7 @@ #![feature(rand)] #![feature(slice_rotate)] #![feature(splice)] +#![feature(str_checked_slicing)] #![feature(str_escape)] #![feature(test)] #![feature(unboxed_closures)] diff --git a/src/libcollections/tests/str.rs b/src/libcollections/tests/str.rs index c9b7104fec4..9d8ca38b20e 100644 --- a/src/libcollections/tests/str.rs +++ b/src/libcollections/tests/str.rs @@ -358,6 +358,48 @@ fn test_slice_fail() { &"中华Việt Nam"[0..2]; } +#[test] +#[should_panic] +fn test_str_slice_rangetoinclusive_max_panics() { + &"hello"[...usize::max_value()]; +} + +#[test] +#[should_panic] +fn test_str_slice_rangeinclusive_max_panics() { + &"hello"[1...usize::max_value()]; +} + +#[test] +#[should_panic] +fn test_str_slicemut_rangetoinclusive_max_panics() { + let mut s = "hello".to_owned(); + let s: &mut str = &mut s; + &mut s[...usize::max_value()]; +} + +#[test] +#[should_panic] +fn test_str_slicemut_rangeinclusive_max_panics() { + let mut s = "hello".to_owned(); + let s: &mut str = &mut s; + &mut s[1...usize::max_value()]; +} + +#[test] +fn test_str_get_maxinclusive() { + let mut s = "hello".to_owned(); + { + let s: &str = &s; + assert_eq!(s.get(...usize::max_value()), None); + assert_eq!(s.get(1...usize::max_value()), None); + } + { + let s: &mut str = &mut s; + assert_eq!(s.get(...usize::max_value()), None); + assert_eq!(s.get(1...usize::max_value()), None); + } +} #[test] fn test_is_char_boundary() { diff --git a/src/libcore/str/mod.rs b/src/libcore/str/mod.rs index 76a5d0c0b50..34aca592b1e 100644 --- a/src/libcore/str/mod.rs +++ b/src/libcore/str/mod.rs @@ -1918,11 +1918,19 @@ impl SliceIndex for ops::RangeInclusive { type Output = str; #[inline] fn get(self, slice: &str) -> Option<&Self::Output> { - (self.start..self.end+1).get(slice) + if let Some(end) = self.end.checked_add(1) { + (self.start..end).get(slice) + } else { + None + } } #[inline] fn get_mut(self, slice: &mut str) -> Option<&mut Self::Output> { - (self.start..self.end+1).get_mut(slice) + if let Some(end) = self.end.checked_add(1) { + (self.start..end).get_mut(slice) + } else { + None + } } #[inline] unsafe fn get_unchecked(self, slice: &str) -> &Self::Output { @@ -1953,7 +1961,7 @@ impl SliceIndex for ops::RangeToInclusive { type Output = str; #[inline] fn get(self, slice: &str) -> Option<&Self::Output> { - if slice.is_char_boundary(self.end + 1) { + if self.end < usize::max_value() && slice.is_char_boundary(self.end + 1) { Some(unsafe { self.get_unchecked(slice) }) } else { None @@ -1961,7 +1969,7 @@ fn get(self, slice: &str) -> Option<&Self::Output> { } #[inline] fn get_mut(self, slice: &mut str) -> Option<&mut Self::Output> { - if slice.is_char_boundary(self.end + 1) { + if self.end < usize::max_value() && slice.is_char_boundary(self.end + 1) { Some(unsafe { self.get_unchecked_mut(slice) }) } else { None -- 2.44.0