blender
/
blender
134
398
Fork 580
Code Issues 6.3k Pull Requests 759 Projects 19 Wiki Activity

BLI: Prevent Overflow in Grouped Number Output #105263

Merged
Harley Acheson merged 2 commits from Harley/blender:GroupedOverflow into main 2023-03-02 17:38:47 +01:00
Conversation 4 Commits 2 Files Changed 12 +92 -44
Harley Acheson commented 2023-02-27 18:59:12 +01:00
Member
Copy Link

Increase the buffer sizes used for BLI_str_format_uint64_grouped to
prevent overflow on strings representing numbers within the uint64.
Also creates and uses defines for all the formatted string buffer
sizes.

When displaying large numbers we often use BLI_str_format_uint64_grouped to add commas as thousands separators. In all the places that we call this, and internal to that function, we use 16-byte characters arrays. This means that it can successfully turn "999999999999" into "999,999,999,999", but will overflow on one trillion or greater as that would require an 18-byte buffer.

This patch increases the buffer size used by this function to 27. And also uses a define for this size, and also for those used by BLI_str_format_byte_unit, BLI_str_format_decimal_unit, and BLI_str_format_integer_unit.

Increase the buffer sizes used for `BLI_str_format_uint64_grouped` to prevent overflow on strings representing numbers within the uint64. Also creates and uses defines for all the formatted string buffer sizes. --- When displaying large numbers we often use `BLI_str_format_uint64_grouped` to add commas as thousands separators. In all the places that we call this, and internal to that function, we use 16-byte characters arrays. This means that it can successfully turn "999999999999" into "999,999,999,999", but will **overflow** on one trillion or greater as that would require an 18-byte buffer. This patch increases the buffer size used by this function to 27. And also uses a define for this size, and also for those used by `BLI_str_format_byte_unit`, `BLI_str_format_decimal_unit`, and `BLI_str_format_integer_unit`.
StatsOverflow.jpg
316 KiB
StatsOverflow.jpg
❤️ 1 🚀 2
Harley Acheson requested review from Campbell Barton 2023-02-27 19:00:27 +01:00
Campbell Barton requested changes 2023-03-01 08:41:23 +01:00
Campbell Barton left a comment
Owner
Copy Link

Showing ? seems like a bug from a user perspective, if this were unavoidable it could be an acceptable fallback however increasing the default buffer size to fit the largest uint64_t is preferable.

A quick check shows len("{:3,d}".format(0xffff_ffff_ffff_ffff)) is 26, so the size of char dst[16] for BLI_str_format_uint64_grouped should be increased to 27.

To avoids hard coded values being duplicated, defines can be added to BLI_string.h.

#define BLI_STR_FORMAT_UINT64_GROUPED_SIZE 27
#define BLI_STR_FORMAT_INT32_GROUPED_SIZE 16
Showing `?` seems like a bug from a user perspective, if this were unavoidable it could be an acceptable fallback however increasing the default buffer size to fit the largest `uint64_t` is preferable. A quick check shows `len("{:3,d}".format(0xffff_ffff_ffff_ffff))` is 26, so the size of `char dst[16]` for `BLI_str_format_uint64_grouped` should be increased to 27. To avoids hard coded values being duplicated, defines can be added to `BLI_string.h`. ``` #define BLI_STR_FORMAT_UINT64_GROUPED_SIZE 27 #define BLI_STR_FORMAT_INT32_GROUPED_SIZE 16 ```
Harley Acheson force-pushed GroupedOverflow from eb701771dd to 583bdd73e3 2023-03-01 19:59:13 +01:00 Compare
Harley Acheson commented 2023-03-01 20:03:53 +01:00
Author
Member
Copy Link

@ideasman42 - ...increasing the default buffer size.. defines can be added

Yes, that works pretty well. About the only "complication" is that we quite often use a combination of these formatted strings so it is hard to do just grouped and not do the byte, unit, and integer formats as well. So this version does that too. Doesn't seem to make too much of a mess. I think its better...

> @ideasman42 - ...increasing the default buffer size.. defines can be added Yes, that works pretty well. About the only "complication" is that we quite often use a combination of these formatted strings so it is hard to do just grouped and not do the byte, unit, and integer formats as well. So this version does that too. Doesn't seem to make too much of a mess. I think its better...
Campbell Barton approved these changes 2023-03-01 23:07:26 +01:00
Campbell Barton force-pushed GroupedOverflow from 583bdd73e3 to 39482f0bd9 2023-03-01 23:08:55 +01:00 Compare
Campbell Barton approved these changes 2023-03-01 23:23:54 +01:00
Campbell Barton left a comment
Owner
Copy Link

Looks good, it also makes sense to have tests these functions are working as expected (passing in min/max for each type, ensuring values aren't clipped).

Looks good, it also makes sense to have tests these functions are working as expected (passing in min/max for each type, ensuring values aren't clipped).
source/blender/blenlib/BLI_string.h
@ -20,0 +31,4 @@
#define BLI_STR_FORMAT_UINT64_DECIMAL_UNIT_SIZE 7
/* Buffer size of maximum `int32` formatted as very short decimal size ("15B" for example). */
#define BLI_STR_FORMAT_UINT64_INTEGER_UNIT_SIZE 5
Campbell Barton commented 2023-03-01 23:22:14 +01:00
Owner
Copy Link

Should be BLI_STR_FORMAT_INT32_INTEGER_UNIT_SIZE

Should be BLI_STR_FORMAT_INT32_INTEGER_UNIT_SIZE
Harley marked this conversation as resolved
Harley Acheson changed title from BLI: Prevent Overflow in Grouped Number Output to WIP BLI: Prevent Overflow in Grouped Number Output 2023-03-02 00:17:48 +01:00
Harley Acheson commented 2023-03-02 00:20:29 +01:00
Author
Member
Copy Link

Harley: Fix those constants

and update the tests (BLI_string_text.cc). Not sure if all the functions are tested. make sure they all test min/max and use the constants for buffer sizes

Harley: Fix those constants and update the tests (BLI_string_text.cc). Not sure if all the functions are tested. make sure they all test min/max and use the constants for buffer sizes
Harley Acheson force-pushed GroupedOverflow from 39482f0bd9 to e410112e30 2023-03-02 02:22:22 +01:00 Compare
Harley Acheson changed title from WIP BLI: Prevent Overflow in Grouped Number Output to BLI: Prevent Overflow in Grouped Number Output 2023-03-02 02:23:30 +01:00
Harley Acheson commented 2023-03-02 02:26:03 +01:00
Author
Member
Copy Link

@ideasman42 - I fixed those constants for size/sign. And added tests for BLI_str_format_uint64_grouped and made the rest of them use the new constants.

@ideasman42 - I fixed those constants for size/sign. And added tests for `BLI_str_format_uint64_grouped` and made the rest of them use the new constants.
Campbell Barton approved these changes 2023-03-02 10:13:41 +01:00
Harley Acheson added 1 commit 2023-03-02 17:09:42 +01:00
buildbot/vexp-code-patch-coordinator Build done. Details
0ca8432ec5 Merge branch 'main' into GroupedOverflow
Harley Acheson commented 2023-03-02 17:10:43 +01:00
Author
Member
Copy Link

@blender-bot build

@blender-bot build
Harley Acheson merged commit 8c29d84139 into main 2023-03-02 17:38:47 +01:00
Harley Acheson deleted branch GroupedOverflow 2023-03-02 17:38:48 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
Campbell Barton
Labels
Clear labels   
Interest
Alembic

  
Interest
Animation & Rigging

  
Interest
Asset Browser

  
Interest
Asset Browser Project Overview

  
Interest
Audio

  
Interest
Automated Testing

  
Interest
Blender Asset Bundle

  
Interest
BlendFile

  
Interest
Collada

  
Interest
Compatibility
This issue affects/is about backward or forward compatibility

  
Interest
Compositing

  
Interest
Core

  
Interest
Cycles

  
Interest
Dependency Graph

  
Interest
Development Management

  
Interest
EEVEE

  
Interest
EEVEE & Viewport

  
Interest
Freestyle

  
Interest
Geometry Nodes

  
Interest
Grease Pencil

  
Interest
ID Management

  
Interest
Images & Movies

  
Interest
Import Export

  
Interest
Line Art

  
Interest
Masking

  
Interest
Metal

  
Interest
Modeling

  
Interest
Modifiers

  
Interest
Motion Tracking

  
Interest
Nodes & Physics

  
Interest
OpenGL

  
Interest
Overlay

  
Interest
Overrides

  
Interest
Performance

  
Interest
Physics

  
Interest
Pipeline, Assets & IO

  
Interest
Platforms, Builds & Tests

  
Interest
Python API

  
Interest
Render & Cycles

  
Interest
Render Pipeline

  
Interest
Sculpt, Paint & Texture

  
Interest
Text Editor

  
Interest
Translations

  
Interest
Triaging

  
Interest
Undo

  
Interest
USD

  
Interest
User Interface

  
Interest
UV Editing

  
Interest
VFX & Video

  
Interest
Video Sequencer

  
Interest
Virtual Reality

  
Interest
Vulkan

  
Interest
Wayland
Issues relating to Wayland windowing support.

  
Interest
Workbench

  
Interest: X11

Issues relating to Xorg/X11 support.

  
Legacy
Blender 2.8 Project

  
Legacy
Milestone 1: Basic, Local Asset Browser

  
Legacy
OpenGL Error

  
Meta
Good First Issue

  
Meta
Papercut

  
Meta
Retrospective

  
Meta
Security
Issues relating to security: https://wiki.blender.org/wiki/Process/Vulnerability_Reports

  
Module
Animation & Rigging

  
Module
Core

  
Module
Development Management

  
Module
EEVEE & Viewport

  
Module
Grease Pencil

  
Module
Modeling

  
Module
Nodes & Physics

  
Module
Pipeline, Assets & IO

  
Module
Platforms, Builds & Tests

  
Module
Python API

  
Module
Render & Cycles

  
Module
Sculpt, Paint & Texture

  
Module
Triaging

  
Module
User Interface

  
Module
VFX & Video

  
Platform
FreeBSD

  
Platform
Linux

  
Platform
macOS

  
Platform
Windows

  
Priority
High

  
Priority
Low

  
Priority
Normal

  
Priority
Unbreak Now!

  
Status
Archived

  
Status
Confirmed

  
Status
Duplicate

  
Status
Needs Info from Developers

  
Status
Needs Information from User

  
Status
Needs Triage

  
Status
Resolved

  
Type
Bug

  
Type
Design

  
Type
Known Issue

  
Type
Patch

  
Type
Report

  
Type
To Do

No Label
Interest
Alembic
Interest
Animation & Rigging
Interest
Asset Browser
Interest
Asset Browser Project Overview
Interest
Audio
Interest
Automated Testing
Interest
Blender Asset Bundle
Interest
BlendFile
Interest
Collada
Interest
Compatibility
Interest
Compositing
Interest
Core
Interest
Cycles
Interest
Dependency Graph
Interest
Development Management
Interest
EEVEE
Interest
EEVEE & Viewport
Interest
Freestyle
Interest
Geometry Nodes
Interest
Grease Pencil
Interest
ID Management
Interest
Images & Movies
Interest
Import Export
Interest
Line Art
Interest
Masking
Interest
Metal
Interest
Modeling
Interest
Modifiers
Interest
Motion Tracking
Interest
Nodes & Physics
Interest
OpenGL
Interest
Overlay
Interest
Overrides
Interest
Performance
Interest
Physics
Interest
Pipeline, Assets & IO
Interest
Platforms, Builds & Tests
Interest
Python API
Interest
Render & Cycles
Interest
Render Pipeline
Interest
Sculpt, Paint & Texture
Interest
Text Editor
Interest
Translations
Interest
Triaging
Interest
Undo
Interest
USD
Interest
User Interface
Interest
UV Editing
Interest
VFX & Video
Interest
Video Sequencer
Interest
Virtual Reality
Interest
Vulkan
Interest
Wayland
Interest
Workbench
Interest: X11
Legacy
Blender 2.8 Project
Legacy
Milestone 1: Basic, Local Asset Browser
Legacy
OpenGL Error
Meta
Good First Issue
Meta
Papercut
Meta
Retrospective
Meta
Security
Module
Animation & Rigging
Module
Core
Module
Development Management
Module
EEVEE & Viewport
Module
Grease Pencil
Module
Modeling
Module
Nodes & Physics
Module
Pipeline, Assets & IO
Module
Platforms, Builds & Tests
Module
Python API
Module
Render & Cycles
Module
Sculpt, Paint & Texture
Module
Triaging
Module
User Interface
Module
VFX & Video
Platform
FreeBSD
Platform
Linux
Platform
macOS
Platform
Windows
Priority
High
Priority
Low
Priority
Normal
Priority
Unbreak Now!
Status
Archived
Status
Confirmed
Status
Duplicate
Status
Needs Info from Developers
Status
Needs Information from User
Status
Needs Triage
Status
Resolved
Type
Bug
Type
Design
Type
Known Issue
Type
Patch
Type
Report
Type
To Do
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: blender/blender#105263
No description provided.
Delete Branch "Harley/blender:GroupedOverflow"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?