Commit 8fc632f2b6fcc10717cd096da6ab957159f93e93
1 parent
c89da637
Fix crashing config file parser by very long lines
Found by quinox using AFL.
Showing
2 changed files
with
12 additions
and
0 deletions
configfileparser.cpp
| ... | ... | @@ -138,6 +138,12 @@ void ConfigFileParser::loadFile(bool test) |
| 138 | 138 | if (line.empty()) |
| 139 | 139 | continue; |
| 140 | 140 | |
| 141 | + // The regex matcher can be made to crash on very long lines, so we're protecting ourselves. | |
| 142 | + if (line.length() > 256) | |
| 143 | + { | |
| 144 | + throw ConfigFileException(formatString("Error at line %d in '%s': line suspiciouly long.", linenr, path.c_str())); | |
| 145 | + } | |
| 146 | + | |
| 141 | 147 | std::smatch matches; |
| 142 | 148 | |
| 143 | 149 | const bool blockStartMatch = std::regex_search(line, matches, block_regex_start); | ... | ... |
main.cpp
| ... | ... | @@ -85,6 +85,12 @@ int main(int argc, char *argv[]) |
| 85 | 85 | logger->logf(LOG_NOTICE, "Starting FlashMQ"); |
| 86 | 86 | mainApp->start(); |
| 87 | 87 | } |
| 88 | + catch (ConfigFileException &ex) | |
| 89 | + { | |
| 90 | + // Not using the logger here, because we may have had all sorts of init errors while setting it up. | |
| 91 | + std::cerr << ex.what() << std::endl; | |
| 92 | + return 99; | |
| 93 | + } | |
| 88 | 94 | catch (std::exception &ex) |
| 89 | 95 | { |
| 90 | 96 | // Not using the logger here, because we may have had all sorts of init errors while setting it up. | ... | ... |