Fix crash when an element of SymbolsBody is empty #423
Conversation
|
Thank you for the bug report. I confirm this syntax is accepted by But I think this is an oversight, because this syntax is useless. As Ivan Pascal wrote, the intended syntax would rather be: key <SPC> {[], [Space] };which parses correctly in Anyway, a segmentation fault is definitly not acceptable! |
wismill
added
bug
|
@wismill Thanks for the prompt review! I fixed the test. PTAL again. I agree that the parser rule is not useful. However changing it introduces backward incompatibility, so I decided to fix the crash for now. |
| xkb_types { include "complete" }; | ||
| xkb_compat { include "complete" }; | ||
| xkb_symbols "sym" { | ||
| key <SPC> { , [Space] }; |
There was a problem hiding this comment.
| key <SPC> { , [Space] }; | |
| // This dubious syntax is accepted by xkbcomp so we accept it for | |
| // backward compatibility. The preferred way to write it is: | |
| // key <SPC> { [], [Space] }; | |
| key <SPC> { , [Space] }; |
There was a problem hiding this comment.
Actually, these syntaxes are not equivalent. Using X11 xkbcomp, I get that
key <SPC> { [Space] };
key <SPC> { , [exclam] };is equivalent to
key <SPC> { [exclam] };whereas
key <SPC> { [Space] };
key <SPC> { [], [exclam] };is equivalent to
key <SPC> {
symbols[Group1]= [ Space ],
symbols[Group2]= [ exclam ]
};That’s why I wrote it was probably an oversight.
There was a problem hiding this comment.
Thanks for the clarification. then, is there any other changes needed?
There was a problem hiding this comment.
@chiro I wonder: where did you encounter this syntax in the first place? Unless there is a real-world proof, I think we should fix just the segfault, but disallow this syntax. It is useless per se and confusing. It is not used in xkeyboard-config.
I do not see to make key <SPC> { , [exclam] }; equivalent to key <SPC> { [], [exclam] }; either: XKB has C-style, so it would not be intuitive.
There was a problem hiding this comment.
Fully agree with @wismill here - if this is somewhere in the xkb maps we should fix it in xkeyboard-config but allowing this syntax seems like the wrong approach.
There was a problem hiding this comment.
@wismill It was not found in an actual in-use layout file. It's detected in testing. As far as I know, there is no real-world use case of this syntax. I have no objection to disallowing this syntax.
Just to clarify, I couldn't find any real-world use case, but it doesn't mean there is no use case in the world. That's why I made the CL just to fix the crash.
There was a problem hiding this comment.
@chiro we are grateful for uncovering the segfault. This is a nasty bug, and it would not occur to me to test this syntax. Well done!
I am curious, could you share how you stumble on this? Maybe we could then improve our test suite further.
Now, given that:
- AFAIK the syntax is useless and undocumented;
xkeyboard-configcompiles just fine with xkbcommon;- no one opened a ticket before.
then I really doubt there are use cases in the world. While we strive to have maximum compatibility with X11, I think this is one edge case we should not support. Probably worth a comment, at least in the code.
There was a problem hiding this comment.
It was reported as a potential security issue to the project I'm working on (Actually it was not because only layout files in xkeyboard-config are used). I don't know the details of how it was discovered, but it should be by fuzzing.
There was a problem hiding this comment.
If it's not used in any existing xkeyboard-config files, can we just make it return a parser error? That seems like the best option here - making this intentionally backwards-compatible means we have to support it forever when there seems to be little point to it.
There was a problem hiding this comment.
Thanks for the comment (and the reaction)! I changed this PR not to allow the syntax. Could you review it again? Thanks.
| xkb_types { include "complete" }; | ||
| xkb_compat { include "complete" }; | ||
| xkb_symbols "sym" { | ||
| key <SPC> { , [Space] }; |
There was a problem hiding this comment.
@chiro I wonder: where did you encounter this syntax in the first place? Unless there is a real-world proof, I think we should fix just the segfault, but disallow this syntax. It is useless per se and confusing. It is not used in xkeyboard-config.
I do not see to make key <SPC> { , [exclam] }; equivalent to key <SPC> { [], [exclam] }; either: XKB has C-style, so it would not be intuitive.
An empty element is allowed in SymbolsBody definition, so the following
keymap is gramatically correct.
```
xkb_keymap {
...
xkb_symbols "sym" {
key <SPC> {, [Space] };
};
};
```
However, the current parser crashes with the keymap due to null pointer
access.
This change fixes it by changing the parser not to allow it.
|
Thanks @chiro ! |
|
Thank you all for reviewing! |
An empty element is allowed in SymbolsBody definition, so the following keymap is gramatically correct.
However, the current parser crashes with the keymap due to null pointer access.
This change fixes the crash.