From 841d4b5fb9ca42e697faf28148abe2bcd7230da5 Mon Sep 17 00:00:00 2001 From: John McFarland Date: Sat, 6 Jul 2019 11:07:50 -0500 Subject: [PATCH] Add iterator safety check in DoxygenParser::parse If the code called by DoxygenParser::parse does not behave correctly, it may move the iterator m_tokenListIt past the value endParsingIndex. This was not caught by the previous checks and could lead to dereferencing an invalid m_tokenListIt iterator value (and segfault). This is now protected against by using a less than check in the while loop instead of not equals. A warning is also printed if endParsingIndex is exceeded. --- Source/Doxygen/doxyparser.cxx | 8 +++++++- Source/Include/swigwarn.h | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/Source/Doxygen/doxyparser.cxx b/Source/Doxygen/doxyparser.cxx index cbad7c74d..2e826b265 100644 --- a/Source/Doxygen/doxyparser.cxx +++ b/Source/Doxygen/doxyparser.cxx @@ -971,7 +971,9 @@ DoxygenEntityList DoxygenParser::parse(TokenListCIt endParsingIndex, const Token std::string currPlainstringCommandType = root ? "partofdescription" : "plainstd::string"; DoxygenEntityList aNewList; - while (m_tokenListIt != endParsingIndex) { + // Less than check (instead of not equal) is a safeguard in case the + // iterator is incremented past the end + while (m_tokenListIt < endParsingIndex) { Token currToken = *m_tokenListIt; @@ -988,6 +990,10 @@ DoxygenEntityList DoxygenParser::parse(TokenListCIt endParsingIndex, const Token addCommand(currPlainstringCommandType, tokList, aNewList); } + // If addCommand above misbehaves, it can move the iterator past endParsingIndex + if (m_tokenListIt > endParsingIndex) + printListError(WARN_DOXYGEN_UNEXPECTED_ITERATOR_VALUE, "Unexpected iterator value in DoxygenParser::parse"); + if (endParsingIndex != tokList.end() && m_tokenListIt == tokList.end()) { // this could happen if we can't reach the original endParsingIndex printListError(WARN_DOXYGEN_UNEXPECTED_END_OF_COMMENT, "Unexpected end of Doxygen comment encountered."); diff --git a/Source/Include/swigwarn.h b/Source/Include/swigwarn.h index fbcea4dbd..a08693ac8 100644 --- a/Source/Include/swigwarn.h +++ b/Source/Include/swigwarn.h @@ -221,6 +221,7 @@ #define WARN_DOXYGEN_HTML_ERROR 563 #define WARN_DOXYGEN_COMMAND_ERROR 564 #define WARN_DOXYGEN_UNKNOWN_CHARACTER 565 +#define WARN_DOXYGEN_UNEXPECTED_ITERATOR_VALUE 566 /* -- Reserved (600-799) -- */