From 1f6c2479260e2d26a861b871c443a5b960523a71 Mon Sep 17 00:00:00 2001 From: Evan Goode Date: Tue, 7 May 2024 16:33:03 +0000 Subject: [PATCH] ConfigParser: fix use-out-of-scope leaks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Petr Písař --- libdnf/conf/ConfigParser.cpp | 48 ++++++++++++++++++++++++------------ 1 file changed, 32 insertions(+), 16 deletions(-) diff --git a/libdnf/conf/ConfigParser.cpp b/libdnf/conf/ConfigParser.cpp index 76e7f9cc..977da757 100644 --- a/libdnf/conf/ConfigParser.cpp +++ b/libdnf/conf/ConfigParser.cpp @@ -95,7 +95,9 @@ std::pair ConfigParser::substitute_expression(const std::st const auto & variable_key = res.substr(pos_variable, pos_after_variable - pos_variable); const auto variable_mapping = substitutions.find(variable_key); - const std::string * variable_value = nullptr; + // No std::optional here. + bool variable_value_has_value{false}; + std::string variable_value{""}; if (variable_mapping == substitutions.end()) { if (variable_key == "releasever_major" || variable_key == "releasever_minor") { @@ -103,17 +105,22 @@ std::pair ConfigParser::substitute_expression(const std::st if (releasever_mapping != substitutions.end()) { const auto & releasever_split = ConfigParser::split_releasever(releasever_mapping->second); if (variable_key == "releasever_major") { - variable_value = &std::get<0>(releasever_split); + variable_value = std::get<0>(releasever_split); + variable_value_has_value = true; } else { - variable_value = &std::get<1>(releasever_split); + variable_value = std::get<1>(releasever_split); + variable_value_has_value = true; } } } } else { - variable_value = &variable_mapping->second; + variable_value = variable_mapping->second; + variable_value_has_value = true; } - const std::string * subst_str = nullptr; + // No std::optional here + std::string subst_str{""}; + bool subst_str_has_value{false}; size_t pos_after_variable_expression; @@ -153,20 +160,23 @@ std::pair ConfigParser::substitute_expression(const std::st // If variable is unset or empty, the expansion of word is // substituted. Otherwise, the value of variable is // substituted. - if (variable_value == nullptr || variable_value->empty()) { - subst_str = &expanded_word; + if (!variable_value_has_value || variable_value.empty()) { + subst_str = expanded_word; + subst_str_has_value = true; } else { subst_str = variable_value; + subst_str_has_value = true; } } else if (expansion_mode == '+') { // ${variable:+word} (alternate value) // If variable is unset or empty nothing is substituted. // Otherwise, the expansion of word is substituted. - if (variable_value == nullptr || variable_value->empty()) { - const std::string empty{}; - subst_str = ∅ + if (!variable_value_has_value || variable_value.empty()) { + subst_str = ""; + subst_str_has_value = true; } else { - subst_str = &expanded_word; + subst_str = expanded_word; + subst_str_has_value = true; } } else { // Unknown expansion mode, continue after the ':' @@ -176,7 +186,10 @@ std::pair ConfigParser::substitute_expression(const std::st pos_after_variable_expression = pos_after_word + 1; } else if (res[pos_after_variable] == '}') { // ${variable} - subst_str = variable_value; + if (variable_value_has_value) { + subst_str = variable_value; + subst_str_has_value = true; + } // Move past the closing '}' pos_after_variable_expression = pos_after_variable + 1; } else { @@ -186,20 +199,23 @@ std::pair ConfigParser::substitute_expression(const std::st } } else { // No braces, we have a $variable - subst_str = variable_value; + if (variable_value_has_value) { + subst_str = variable_value; + subst_str_has_value = true; + } pos_after_variable_expression = pos_after_variable; } // If there is no substitution to make, move past the variable expression and continue. - if (subst_str == nullptr) { + if (!subst_str_has_value) { total_scanned += pos_after_variable_expression - pos; pos = pos_after_variable_expression; continue; } - res.replace(pos, pos_after_variable_expression - pos, *subst_str); + res.replace(pos, pos_after_variable_expression - pos, subst_str); total_scanned += pos_after_variable_expression - pos; - pos += subst_str->length(); + pos += subst_str.length(); } else { total_scanned += 1; pos += 1; -- 2.45.2