[19354] Add XML parser bit_bound bounds check #3975

JesusPoderoso · 2023-10-31T13:17:38Z

Description

Bit mask's bit bound attribute can be set to values out of expected bounds (0 < bit_bound < 65) through XML configuration. This PR add a check in XML parser to avoid it.

@Mergifyio backport 2.11.x 2.10.x 2.6.x

Contributor Checklist

Commit messages follow the project guidelines.
The code follows the style guidelines of this project.
Tests that thoroughly check the new feature have been added/Regression tests checking the bug and its fix have been added; the added tests pass locally
N/A Any new/modified methods have been properly documented using Doxygen.
Changes are ABI compatible.
Changes are API compatible.
N/A New feature has been added to the versions.md file (if applicable).
N/A New feature has been documented/Current behavior is correctly described in the documentation.
Applicable backports have been included in the description.

Reviewer Checklist

The PR has a milestone assigned.
Check contributor checklist is correct.
Check CI results: changes do not issue any warning.
Check CI results: failing tests are unrelated with the changes.

Signed-off-by: JesusPoderoso <[email protected]>

JesusPoderoso · 2023-10-31T18:39:32Z

@richiprosima please test mac please test windows

Signed-off-by: JesusPoderoso <[email protected]>

src/cpp/rtps/xmlparser/XMLDynamicParser.cpp

Signed-off-by: JesusPoderoso <[email protected]>

MiguelCompany · 2023-11-03T09:07:36Z

@richiprosima Please test this

MiguelCompany · 2023-11-03T14:51:33Z

@richiprosima Please test mac

JesusPoderoso · 2023-11-03T16:25:28Z

@richiprosima please test mac

MiguelCompany · 2023-11-03T21:45:37Z

@Mergifyio backport 2.11.x 2.10.x 2.6.x

mergify · 2023-11-03T21:46:19Z

backport 2.11.x 2.10.x 2.6.x

✅ Backports have been created

#3989 [19354] Add XML parser bit_bound bounds check (backport #3975) has been created for branch 2.11.x
#3990 [19354] Add XML parser bit_bound bounds check (backport #3975) has been created for branch 2.10.x
#3991 [19354] Add XML parser bit_bound bounds check (backport #3975) has been created for branch 2.6.x

* Refs #19354: Add XML parser bit_bound bounds check Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Add regression test Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Check empty name Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Apply rev suggestion Signed-off-by: JesusPoderoso <[email protected]> --------- Signed-off-by: JesusPoderoso <[email protected]> (cherry picked from commit e318c5b)

* Refs #19354: Add XML parser bit_bound bounds check Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Add regression test Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Check empty name Signed-off-by: JesusPoderoso <[email protected]> * Refs #19354: Apply rev suggestion Signed-off-by: JesusPoderoso <[email protected]> --------- Signed-off-by: JesusPoderoso <[email protected]> (cherry picked from commit e318c5b) Co-authored-by: Jesús Poderoso <[email protected]>

JesusPoderoso added 2 commits October 31, 2023 14:06

Refs #19354: Add XML parser bit_bound bounds check

842ea5d

Signed-off-by: JesusPoderoso <[email protected]>

Refs #19354: Add regression test

5df7bc6

Signed-off-by: JesusPoderoso <[email protected]>

JesusPoderoso added this to the v2.12.1 milestone Oct 31, 2023

JesusPoderoso self-assigned this Oct 31, 2023

Refs #19354: Check empty name

35d0dfe

Signed-off-by: JesusPoderoso <[email protected]>

MiguelCompany requested changes Nov 3, 2023

View reviewed changes

src/cpp/rtps/xmlparser/XMLDynamicParser.cpp Outdated Show resolved Hide resolved

Refs #19354: Apply rev suggestion

caaab39

Signed-off-by: JesusPoderoso <[email protected]>

MiguelCompany approved these changes Nov 3, 2023

View reviewed changes

MiguelCompany added the ci-pending PR which CI is running label Nov 3, 2023

MiguelCompany merged commit e318c5b into master Nov 3, 2023
9 of 14 checks passed

MiguelCompany deleted the hotfix/check_bitmask_bitbound branch November 3, 2023 21:45

mergify bot mentioned this pull request Nov 3, 2023

[19354] Add XML parser bit_bound bounds check (backport #3975) #3989

Merged

This was referenced Nov 3, 2023

[19354] Add XML parser bit_bound bounds check (backport #3975) #3990

Merged

[19354] Add XML parser bit_bound bounds check (backport #3975) #3991

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[19354] Add XML parser bit_bound bounds check #3975

[19354] Add XML parser bit_bound bounds check #3975

JesusPoderoso commented Oct 31, 2023 •

edited by MiguelCompany

Loading

JesusPoderoso commented Oct 31, 2023

MiguelCompany commented Nov 3, 2023

MiguelCompany commented Nov 3, 2023

JesusPoderoso commented Nov 3, 2023

MiguelCompany commented Nov 3, 2023

mergify bot commented Nov 3, 2023 •

edited

Loading

[19354] Add XML parser bit_bound bounds check #3975

[19354] Add XML parser bit_bound bounds check #3975

Conversation

JesusPoderoso commented Oct 31, 2023 • edited by MiguelCompany Loading

Description

Contributor Checklist

Reviewer Checklist

JesusPoderoso commented Oct 31, 2023

MiguelCompany commented Nov 3, 2023

MiguelCompany commented Nov 3, 2023

JesusPoderoso commented Nov 3, 2023

MiguelCompany commented Nov 3, 2023

mergify bot commented Nov 3, 2023 • edited Loading

✅ Backports have been created

JesusPoderoso commented Oct 31, 2023 •

edited by MiguelCompany

Loading

mergify bot commented Nov 3, 2023 •

edited

Loading