NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit680aabd

committed

Validate ispell dictionaries more carefully.

Using incorrect, or just mismatched, dictionary and affix filescould result in a crash, due to failure to cross-check offsetsobtained from the file. Add necessary validation, as well assome Asserts for future-proofing.Per bug #16050 from Alexander Lakhin. Back-patch to 9.6 where theproblem was introduced.Arthur Zakirov, per initial investigation by Tomas VondraDiscussion:https://postgr.es/m/16050-024ae722464ab604@postgresql.orgDiscussion:https://postgr.es/m/20191013012610.2p2fp3zzpoav7jzf@development

1 parentb99bfc3 commit680aabdCopy full SHA for 680aabd

File tree

3 files changed

+93

-3

lines changed

src
- backend/tsearch
  - spell.c
- test/regress
  - expected
    - tsdicts.out
  - sql
    - tsdicts.sql

3 files changed

+93

-3

lines changed

`‎src/backend/tsearch/spell.c‎`

Lines changed: 22 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -458,6 +458,8 @@ IsAffixFlagInUse(IspellDict Conf, int affix, char affixflag)`
`458`	`458`	`if (*affixflag==0)`
`459`	`459`	`return true;`
`460`	`460`
	`461`	`+Assert(affix<Conf->nAffixData);`
	`462`	`+`
`461`	`463`	`flagcur=Conf->AffixData[affix];`
`462`	`464`
`463`	`465`	`while (*flagcur)`
`@@ -1160,13 +1162,17 @@ getAffixFlagSet(IspellDict Conf, char s)`
`1160`	`1162`	`(errcode(ERRCODE_CONFIG_FILE_ERROR),`
`1161`	`1163`	`errmsg("invalid affix alias \"%s\"",s)));`
`1162`	`1164`
`1163`		`-if (curaffix>0&&curaffix <=Conf->nAffixData)`
	`1165`	`+if (curaffix>0&&curaffix<Conf->nAffixData)`
`1164`	`1166`
`1165`	`1167`	`/*`
`1166`	`1168`	`* Do not subtract 1 from curaffix because empty string was added`
`1167`	`1169`	`* in NIImportOOAffixes`
`1168`	`1170`	`*/`
`1169`	`1171`	`returnConf->AffixData[curaffix];`
	`1172`	`+elseif (curaffix>Conf->nAffixData)`
	`1173`	`+ereport(ERROR,`
	`1174`	`+(errcode(ERRCODE_CONFIG_FILE_ERROR),`
	`1175`	`+errmsg("invalid affix alias \"%s\"",s)));`
`1170`	`1176`	`else`
`1171`	`1177`	`returnVoidString;`
`1172`	`1178`	`}`
`@@ -1556,6 +1562,8 @@ MergeAffix(IspellDict *Conf, int a1, int a2)`
`1556`	`1562`	`{`
`1557`	`1563`	`char**ptr;`
`1558`	`1564`
	`1565`	`+Assert(a1<Conf->nAffixData&&a2<Conf->nAffixData);`
	`1566`	`+`
`1559`	`1567`	`/* Do not merge affix flags if one of affix flags is empty */`
`1560`	`1568`	`if (*Conf->AffixData[a1]=='\0')`
`1561`	`1569`	`returna2;`
`@@ -1598,9 +1606,10 @@ MergeAffix(IspellDict *Conf, int a1, int a2)`
`1598`	`1606`	`staticuint32`
`1599`	`1607`	`makeCompoundFlags(IspellDict*Conf,intaffix)`
`1600`	`1608`	`{`
`1601`		`-char*str=Conf->AffixData[affix];`
	`1609`	`+Assert(affix<Conf->nAffixData);`
`1602`	`1610`
`1603`		`-return (getCompoundAffixFlagValue(Conf,str)&FF_COMPOUNDFLAGMASK);`
	`1611`	`+return (getCompoundAffixFlagValue(Conf,Conf->AffixData[affix])&`
	`1612`	`+FF_COMPOUNDFLAGMASK);`
`1604`	`1613`	`}`
`1605`	`1614`
`1606`	`1615`	`/*`
`@@ -1720,6 +1729,16 @@ NISortDictionary(IspellDict *Conf)`
`1720`	`1729`	`(errcode(ERRCODE_CONFIG_FILE_ERROR),`
`1721`	`1730`	`errmsg("invalid affix alias \"%s\"",`
`1722`	`1731`	`Conf->Spell[i]->p.flag)));`
	`1732`	`+if (curaffix<0\|\|curaffix >=Conf->nAffixData)`
	`1733`	`+ereport(ERROR,`
	`1734`	`+(errcode(ERRCODE_CONFIG_FILE_ERROR),`
	`1735`	`+errmsg("invalid affix alias \"%s\"",`
	`1736`	`+Conf->Spell[i]->p.flag)));`
	`1737`	`+if (*end!='\0'&& !t_isdigit(end)&& !t_isspace(end))`
	`1738`	`+ereport(ERROR,`
	`1739`	`+(errcode(ERRCODE_CONFIG_FILE_ERROR),`
	`1740`	`+errmsg("invalid affix alias \"%s\"",`
	`1741`	`+Conf->Spell[i]->p.flag)));`
`1723`	`1742`	`}`
`1724`	`1743`	`else`
`1725`	`1744`	`{`

`‎src/test/regress/expected/tsdicts.out‎`

Lines changed: 34 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -383,6 +383,40 @@ SELECT ts_lexize('hunspell_num', 'footballyklubber');`
`383`	`383`	`{foot,ball,klubber}`
`384`	`384`	`(1 row)`
`385`	`385`
	`386`	`+-- Test suitability of affix and dict files`
	`387`	`+CREATE TEXT SEARCH DICTIONARY hunspell_err (`
	`388`	`+Template=ispell,`
	`389`	`+DictFile=ispell_sample,`
	`390`	`+AffFile=hunspell_sample_long`
	`391`	`+);`
	`392`	`+ERROR: invalid affix alias "GJUS"`
	`393`	`+CREATE TEXT SEARCH DICTIONARY hunspell_err (`
	`394`	`+Template=ispell,`
	`395`	`+DictFile=ispell_sample,`
	`396`	`+AffFile=hunspell_sample_num`
	`397`	`+);`
	`398`	`+ERROR: invalid affix flag "SZ\"`
	`399`	`+CREATE TEXT SEARCH DICTIONARY hunspell_invalid_1 (`
	`400`	`+Template=ispell,`
	`401`	`+DictFile=hunspell_sample_long,`
	`402`	`+AffFile=ispell_sample`
	`403`	`+);`
	`404`	`+CREATE TEXT SEARCH DICTIONARY hunspell_invalid_2 (`
	`405`	`+Template=ispell,`
	`406`	`+DictFile=hunspell_sample_long,`
	`407`	`+AffFile=hunspell_sample_num`
	`408`	`+);`
	`409`	`+CREATE TEXT SEARCH DICTIONARY hunspell_invalid_3 (`
	`410`	`+Template=ispell,`
	`411`	`+DictFile=hunspell_sample_num,`
	`412`	`+AffFile=ispell_sample`
	`413`	`+);`
	`414`	`+CREATE TEXT SEARCH DICTIONARY hunspell_err (`
	`415`	`+Template=ispell,`
	`416`	`+DictFile=hunspell_sample_num,`
	`417`	`+AffFile=hunspell_sample_long`
	`418`	`+);`
	`419`	`+ERROR: invalid affix alias "302,301,202,303"`
`386`	`420`	`-- Synonym dictionary`
`387`	`421`	`CREATE TEXT SEARCH DICTIONARY synonym (`
`388`	`422`	`Template=synonym,`

`‎src/test/regress/sql/tsdicts.sql‎`

Lines changed: 37 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -96,6 +96,43 @@ SELECT ts_lexize('hunspell_num', 'footballklubber');`
`96`	`96`	`SELECT ts_lexize('hunspell_num','ballyklubber');`
`97`	`97`	`SELECT ts_lexize('hunspell_num','footballyklubber');`
`98`	`98`
	`99`	`+-- Test suitability of affix and dict files`
	`100`	`+CREATETEXT SEARCH DICTIONARY hunspell_err (`
	`101`	`+Template=ispell,`
	`102`	`+DictFile=ispell_sample,`
	`103`	`+AffFile=hunspell_sample_long`
	`104`	`+);`
	`105`	`+`
	`106`	`+CREATETEXT SEARCH DICTIONARY hunspell_err (`
	`107`	`+Template=ispell,`
	`108`	`+DictFile=ispell_sample,`
	`109`	`+AffFile=hunspell_sample_num`
	`110`	`+);`
	`111`	`+`
	`112`	`+CREATETEXT SEARCH DICTIONARY hunspell_invalid_1 (`
	`113`	`+Template=ispell,`
	`114`	`+DictFile=hunspell_sample_long,`
	`115`	`+AffFile=ispell_sample`
	`116`	`+);`
	`117`	`+`
	`118`	`+CREATETEXT SEARCH DICTIONARY hunspell_invalid_2 (`
	`119`	`+Template=ispell,`
	`120`	`+DictFile=hunspell_sample_long,`
	`121`	`+AffFile=hunspell_sample_num`
	`122`	`+);`
	`123`	`+`
	`124`	`+CREATETEXT SEARCH DICTIONARY hunspell_invalid_3 (`
	`125`	`+Template=ispell,`
	`126`	`+DictFile=hunspell_sample_num,`
	`127`	`+AffFile=ispell_sample`
	`128`	`+);`
	`129`	`+`
	`130`	`+CREATETEXT SEARCH DICTIONARY hunspell_err (`
	`131`	`+Template=ispell,`
	`132`	`+DictFile=hunspell_sample_num,`
	`133`	`+AffFile=hunspell_sample_long`
	`134`	`+);`
	`135`	`+`
`99`	`136`	`-- Synonym dictionary`
`100`	`137`	`CREATETEXT SEARCH DICTIONARY synonym (`
`101`	`138`	`Template=synonym,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit680aabd

File tree

3 files changed

3 files changed

`‎src/backend/tsearch/spell.c‎`

`‎src/test/regress/expected/tsdicts.out‎`

`‎src/test/regress/sql/tsdicts.sql‎`

0 commit comments