Skip to content

Add enchant_dict_remove_from_session() #17393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jan 8, 2025
Merged

Add enchant_dict_remove_from_session() #17393

merged 2 commits into from
Jan 8, 2025

Conversation

nielsdos
Copy link
Member

@nielsdos nielsdos commented Jan 7, 2025

No description provided.

@nielsdos nielsdos requested a review from kocsismate as a code owner January 7, 2025 20:31
Girgias
Girgias reviewed Jan 7, 2025
View reviewed changes
ext/enchant/tests/dict_remove_from_session.phpt
$dicts = enchant_broker_list_dicts($broker);
$newWord = 'myImaginaryWord';

$requestDict = enchant_broker_request_dict($broker, $dicts[0]['lang_tag']);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mind adding a test which includes a null byte in the string?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh you're gonna love this.
Turns out that enchant crashes when you have a null byte in a string, for all the existing methods too...
So the fact that nulls aren't prevented is a bug since the introduction of the enchant extension.

Try it yourself!

<?php
$broker = enchant_broker_init();
$dicts = enchant_broker_list_dicts($broker);
$requestDict = enchant_broker_request_dict($broker, $dicts[0]['lang_tag']);
var_dump(enchant_dict_check($requestDict, "foo\0bar"));
libenchant-CRITICAL **: 19:54:21.646: string_substring: assertion '(offset + len) <= string_length' failed
And then a segfault

I guess I'll make a PR for lower branches to change the "s" to "p".

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lovely, I wonder how many bugs could be found by fuzzing extension functions with strings that contain null bytes.

@YuanchengJiang you might want to try this in your fuzzer.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I rebased this and added a commit to properly handle the null bytes.
Will squash ofc on merge.

nielsdos added a commit to nielsdos/php-src that referenced this pull request Jan 8, 2025
@nielsdos
Fix crashes in enchant when passing null bytes
490041c 
See php#17393 (comment)
@nielsdos nielsdos mentioned this pull request Jan 8, 2025
Closed
nielsdos added a commit that referenced this pull request Jan 8, 2025
@nielsdos
Fix crashes in enchant when passing null bytes
783ecad 
See #17393 (comment)

Closes GH-17407.
@nielsdos nielsdos merged commit 3a039e3 into php:master Jan 8, 2025
10 checks passed
charmitro pushed a commit to wasix-org/php that referenced this pull request Mar 13, 2025
@nielsdos @charmitro
Fix crashes in enchant when passing null bytes
627db02 
See php#17393 (comment)

Closes phpGH-17407.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Girgias Girgias Girgias approved these changes

@kocsismate kocsismate Awaiting requested review from kocsismate kocsismate is a code owner

Assignees
No one assigned
Labels
Extension: enchant
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nielsdos @Girgias