Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2017-02-03 | bplist: Prevent OOB read when parsing data/string/array/dict size nodes | Nikias Bassen | 1 | -0/+2 | |
As reported in #91, the code that will read the big endian integer value of variable size did not check if the actual number of bytes is still withing the range of the actual plist data. This commit fixes the issue with proper bounds checking. | |||||
2017-02-03 | bplist: Unify size node parsing for data/string/array/dict nodes | Nikias Bassen | 1 | -45/+24 | |
2017-02-01 | bplist: Fix possible out-of-bounds read in parse_array_node() with proper ↵ | Nikias Bassen | 1 | -4/+12 | |
bounds checking | |||||
2017-02-01 | test: Add test cases for different bplist offset and reference sizes | Nikias Bassen | 20 | -0/+34 | |
2017-02-01 | bplist: Avoid heap buffer allocation when parsing array/dict/string/data ↵ | Nikias Bassen | 1 | -20/+25 | |
node sizes > 14 The sizes where effectively parsed by calling parse_uint_node() which allocates a node_t (along with plist_data_t) that is immediately freed after retrieving the integer value it holds. This commit changes the code to directly operate on the binary stream to 'just' read the size instead, reducing the memory footprint further. | |||||
2017-01-28 | Suppress compiler warning with new bplist code | Nikias Bassen | 1 | -1/+1 | |
2017-01-28 | bplist: Don't duplicate output buffer in plist_to_bin() | Nikias Bassen | 1 | -4/+4 | |
2017-01-28 | bplist: Improve parsing unicode nodes | Nikias Bassen | 1 | -23/+10 | |
2017-01-28 | bplist: Improve writing of offset table | Nikias Bassen | 1 | -12/+3 | |
2017-01-28 | bplist: Improve writing of array and dictionary nodes | Nikias Bassen | 1 | -54/+17 | |
2017-01-28 | bplist: Improve writing of data, string, and unicode nodes | Nikias Bassen | 1 | -18/+7 | |
2017-01-28 | bplist: Improve writing of UID nodes | Nikias Bassen | 1 | -12/+6 | |
2017-01-28 | bplist: Improve writing of integer nodes | Nikias Bassen | 1 | -21/+12 | |
2017-01-28 | bplist: Improve real/date node de/serialization | Nikias Bassen | 1 | -65/+56 | |
2017-01-25 | bplist: Fix UID node parsing to match Apple's parser | Nikias Bassen | 1 | -14/+7 | |
Apple only allows 32 bit unsigned values for UID nodes. Also the encoding of the length is different from the encoding used for other node types. The nibble used to mark the size is 1 less than the actual size of the integer value data, so 0 means 1 byte length 1 means 2 bytes length, etc. | |||||
2017-01-25 | bplist: Improve integer node parsing, remove unnecessary memcpy() | Nikias Bassen | 1 | -4/+2 | |
2017-01-19 | bplist: Check for invalid ref_size in bplist trailer | Nikias Bassen | 1 | -0/+3 | |
2017-01-19 | bplist: Mass-rename 'dict_size' and 'param_dict_size' to more appropriate ↵ | Nikias Bassen | 1 | -30/+30 | |
'ref_size' | |||||
2017-01-19 | bplist: Use proper struct for binary plist trailer | Nikias Bassen | 1 | -47/+31 | |
2017-01-19 | bplist: Check for invalid offset_size in bplist trailer | Wang Junjie | 1 | -0/+3 | |
2017-01-18 | bplist: Improve UINT_TO_HOST macro, remove uint24_from_be function | Nikias Bassen | 1 | -17/+11 | |
The uint24_from_be function used memcpy and a call to byte_convert. Instead the macro now shifts the data appropriately with a new beNtoh macro that eventually uses be64toh. This commit also fixes the problem where binary plist data with other non-power-of-2 sizes (like 5,6, or 7) where not handled correctly, and actually supports sizes larger than 8 bytes though only the last 8 bytes are actually converted (nobody will come up with such a large plist anyway). | |||||
2017-01-18 | plistutil: Use plist_is_binary() to check for binary plist data | Nikias Bassen | 1 | -1/+1 | |
2017-01-18 | plistutil: Prevent OOB heap buffer read by checking input size | Nikias Bassen | 1 | -0/+6 | |
As pointed out in #87 plistutil would do a memcmp with a heap buffer without checking the size. If the size is less than 8 it would read beyond the bounds of this heap buffer. This commit prevents that. | |||||
2017-01-16 | bplist: Disallow key nodes with non-string node types | Nikias Bassen | 1 | -0/+7 | |
As reported in #86, the binary plist parser would force the type of the key node to be of type PLIST_KEY while the node might be of a different i.e. non-string type. A following plist_free() might then call free() on an invalid pointer; e.g. if the node is of type integer, its value would be considered a pointer, and free() would cause an error. We prevent this issue by disallowing non-string key nodes during parsing. | |||||
2017-01-11 | base64: Rework base64decode to handle split encoded data correctly | Nikias Bassen | 1 | -41/+27 | |
2017-01-03 | xplist: Refine XML parsing error messages | Nikias Bassen | 1 | -15/+18 | |
2017-01-03 | time64: Remove some unused (and non-thread-safe) functions | Nikias Bassen | 2 | -28/+0 | |
2017-01-03 | win32: Try to prevent linking against libgcc_s_dw2 | Nikias Bassen | 1 | -2/+2 | |
While this works for libplist.dll, libplist++.dll will still have the _Unwind_Resume symbol being imported from libgcc_s_dw2-1.dll and there doesn't seem to be a way to prevent that. | |||||
2017-01-02 | test: Add some more test cases for various valid and invalid content | Nikias Bassen | 7 | -1/+62 | |
2017-01-02 | test: Add new test case for dictionaries with empty keys | Nikias Bassen | 3 | -1/+22 | |
2017-01-02 | test: Add new test case for entities | Nikias Bassen | 3 | -1/+71 | |
2017-01-02 | xplist: Error out when invalid tags inside text nodes are encountered | Nikias Bassen | 1 | -2/+12 | |
2017-01-02 | xplist: Make sure to error out when encountering empty/incomplete entities | Nikias Bassen | 1 | -1/+5 | |
2017-01-02 | xplist: Make sure to not parse for entities in empty strings | Nikias Bassen | 1 | -1/+1 | |
2017-01-02 | xplist: Allow empty keys in dictionaries | Nikias Bassen | 1 | -2/+2 | |
2017-01-02 | xplist: Allow whitespace after name in closing tag | Nikias Bassen | 1 | -2/+7 | |
'</key >' is a perfectly valid closing tag and so is '</key >' (note the newline). This commit will make the parser skip any encountered whitespace before checking for the closing '>'. | |||||
2017-01-01 | xplist: Fix numerical character entity conversion | Nikias Bassen | 1 | -2/+6 | |
2016-12-27 | Remove unused AC_SUBST for WINDRES | Nikias Bassen | 1 | -1/+0 | |
2016-12-27 | Remove check for pthread on macOS to suppress clang compiler warning | Nikias Bassen | 1 | -10/+8 | |
2016-12-21 | xplist: Fix UaF in code checking for closing tag | Nikias Bassen | 1 | -2/+2 | |
2016-12-21 | xplist: Make sure to correctly parse for closing tags of structured nodes | Nikias Bassen | 1 | -7/+45 | |
2016-12-21 | xplist: Make sure to stop parsing on entity errors | Nikias Bassen | 1 | -7/+11 | |
2016-12-14 | xplist: Remove usage of strlen() wherever possible | Nikias Bassen | 1 | -45/+66 | |
2016-12-14 | xplist: Improve text content parsing, reducing memory usage and unneeded copying | Nikias Bassen | 1 | -113/+318 | |
2016-12-14 | Properly check for the availability of strptime() and make sure to use it | Nikias Bassen | 2 | -2/+6 | |
2016-12-14 | base64: Prevent use of strlen() in base64decode when input buffer size is known | Nikias Bassen | 1 | -7/+8 | |
2016-11-28 | xplist: Fix parsing of adjacent nodes without whitespace between them | Nikias Bassen | 1 | -2/+1 | |
The context position counter was increased after encountering a closing node, e.g. '</dict>' or after a closing '</key>' node. When a node followed it directly without any whitespace inbetween, e.g. </dict><key>, parsing would fail since the parser would look at 'key>' instead of '<key>' for the next node to be parsed. | |||||
2016-11-27 | plist_copy: Duplicate hash tables when copying PLIST_DICT nodes | Nikias Bassen | 1 | -5/+15 | |
2016-11-18 | Updated README | Nikias Bassen | 1 | -2/+8 | |
2016-11-18 | test: Fix test plist having duplicate keys in dictionary | Nikias Bassen | 1 | -1/+1 | |