Skip to content

Fix decoder/encoder OOB paths; add ASAN regressions#15

Closed
jkammerland wants to merge 2 commits intomasterfrom
reviews0
Closed

Fix decoder/encoder OOB paths; add ASAN regressions#15
jkammerland wants to merge 2 commits intomasterfrom
reviews0

Conversation

@jkammerland
Copy link
Owner

@jkammerland jkammerland commented Jan 24, 2026

  • Fix bstr basic_string_view decode: handle 0-length, bounds-check, and advance reader
  • Add bounds checks for as_text_any/as_bstr_any and keep non-contiguous offsets consistent
  • Validate fixed-size array/span group sizes before decode to prevent OOB writes
  • Guard fixed-size output appender against buffer overflow (return status_code::error)
  • Add crash/ASAN-focused regression tests for the above cases
  • Fix IsFixedArray so std::span is treated as fixed-size (no tuple_size requirement)

@jkammerland
Fix decoder/encoder OOB paths; add ASAN regressions
4cd0cfc 
  - Fix bstr basic_string_view<byte> decode: handle 0-length, bounds-check, and advance reader
  - Add bounds checks for as_text_any/as_bstr_any and keep non-contiguous offsets consistent
  - Validate fixed-size array/span group sizes before decode to prevent OOB writes
  - Guard fixed-size output appender against buffer overflow (return status_code::error)
  - Add crash/ASAN-focused regression tests for the above cases
  - Fix IsFixedArray so std::span<T> is treated as fixed-size (no tuple_size requirement)
@jkammerland
CI(macos): Use latest 26, always + minor constexpr length check
b5a2b1e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jkammerland