[Libreoffice-commits] core.git: unotools/source

Caolán McNamara (via logerrit) logerrit at kemper.freedesktop.org
Sun Sep 12 15:40:57 UTC 2021


 unotools/source/i18n/resmgr.cxx |   15 +++++++++++++++
 1 file changed, 15 insertions(+)

New commits:
commit cdf7352136f987f44e480777d302dfce9cbe3759
Author:     Caolán McNamara <caolanm at redhat.com>
AuthorDate: Sun Sep 12 11:51:37 2021 +0100
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Sun Sep 12 17:40:23 2021 +0200

    ofz: workaround memory sanitizer failure by skipping boost::locale
    
    which seems to have started since...
    
    https://github.com/google/oss-fuzz/commit/a2be91d3f10c54f20ae651375683ae4605543a63
    
    e.g.
    
    ==3509==WARNING: MemorySanitizer: use-of-uninitialized-value
        #0 0xa990506 in ~basic_string /usr/local/bin/../include/c++/v1/string:2267:9
        #1 0xa990506 in ~pair /usr/local/bin/../include/c++/v1/__utility/pair.h:39:29
        #2 0xa990506 in std::__1::allocator<std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, boost::shared_ptr<boost::locale::localization_backend> > >::destroy(std::__1::pair<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, boost::shared_ptr<boost::locale::localization_backend> >*) /usr/local/bin/../include/c++/v1/__memory/allocator.h:156:15
        #3 0xa9899a5 in destroy<std::__1::pair<std::__1::string, boost::shared_ptr<boost::locale::localization_backend> >, void> /usr/local/bin/../include/c++/v1/__memory/allocator_traits.h:309:13
        #4 0xa9899a5 in __destruct_at_end /usr/local/bin/../include/c++/v1/vector:450:9
        #5 0xa9899a5 in clear /usr/local/bin/../include/c++/v1/vector:374:29
        #6 0xa9899a5 in ~__vector_base /usr/local/bin/../include/c++/v1/vector:487:9
        #7 0xa9899a5 in ~vector /usr/local/bin/../include/c++/v1/vector:579:5
        #8 0xa9899a5 in ~impl workdir/UnpackedTarball/boost/libs/locale/src/shared/localization_backend.cpp:34:45
        #9 0xa9899a5 in ~hold_ptr workdir/UnpackedTarball/boost/boost/locale/hold_ptr.hpp:36:13
        #10 0xa9899a5 in boost::locale::localization_backend_manager::~localization_backend_manager() workdir/UnpackedTarball/boost/libs/locale/src/shared/localization_backend.cpp:168:9
        #11 0x579edc in init workdir/UnpackedTarball/boost/libs/locale/src/shared/localization_backend.cpp:263:17
        #12 0x579edc in __cxx_global_var_init workdir/UnpackedTarball/boost/libs/locale/src/shared/localization_backend.cpp:264:15
        #13 0x579edc in _GLOBAL__sub_I_localization_backend.cpp workdir/UnpackedTarball/boost/libs/locale/src/shared/localization_backend.cpp
        #14 0xbe861ac in __libc_csu_init (/tmp/not-out/psdfuzzer+0xbe861ac)
        #15 0x7f1bcadc003f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2703f)
        #16 0x57c40d in _start (/tmp/not-out/psdfuzzer+0x57c40d)
    
    Change-Id: I14010df7c009b4c44943b0fd56688ed05569c1b4
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/121999
    Tested-by: Caolán McNamara <caolanm at redhat.com>
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/unotools/source/i18n/resmgr.cxx b/unotools/source/i18n/resmgr.cxx
index 62991153f01c..0d0a62d64b76 100644
--- a/unotools/source/i18n/resmgr.cxx
+++ b/unotools/source/i18n/resmgr.cxx
@@ -125,6 +125,11 @@ namespace Translate
         auto aFind = aCache.find(sUnique);
         if (aFind != aCache.end())
             return aFind->second;
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+        std::locale aRet(sIdentifier.getStr());
+        aCache[sUnique] = aRet;
+        return aRet;
+#else
         boost::locale::generator gen;
         gen.characters(boost::locale::char_facet);
         gen.categories(boost::locale::message_facet | boost::locale::information_facet);
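Review bot: `std::locale aRet(sIdentifier.getStr());` on the new side throws `std::runtime_error` when the C library does not recognise the locale name, so in a fuzzing container with few locales installed the lookup this branch replaces becomes an uncaught exception instead of a cached locale. The fuzzing branches of get and nget in the later hunks never read the locale they are handed, so the classic locale is sufficient here: `std::locale aRet = std::locale::classic();`. A one-line comment tying the block to the commit message would also help the next reader, e.g. `// FUZZING: skip boost::locale; its localization_backend_manager static init trips MemorySanitizer under oss-fuzz`. The enclosing function starts before this hunk and its non-fuzzing body continues past it.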
@@ -196,10 +201,14 @@ namespace Translate
 
         aCache[sUnique] = aRet;
         return aRet;
+#endif
     }
 
     OUString get(TranslateId sContextAndId, const std::locale &loc)
     {
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+        return createFromUtf8(sContextAndId.mpId, strlen(sContextAndId.mpId));
+#else
         assert(!strchr(sContextAndId.mpId, '\004') && "should be using nget, not get");
 
         //if it's a key id locale, generate it here
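Review bot: In the FUZZING build `loc` is never read in the new early-return branch of get, and the same holds for nget's branch in the next hunk, so a build that enables -Wunused-parameter will warn on both functions and, if warnings are promoted to errors in that configuration, the fuzzing build fails. A `(void)loc;` before each early return keeps the signatures unchanged and silences it. The branch also bypasses the `\004` assertion that catches plural ids being passed to get, which is presumably fine for a stub returning the raw id but deserves a comment such as `// returns the untranslated id; no context or plural handling in fuzzing builds`. get's body continues past the end of this hunk.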
@@ -221,10 +230,15 @@ namespace Translate
                 result = result.replaceAll(OUString::fromUtf8("\xC3\x9F"), "ss");
         }
         return result;
+#endif
     }
 
     OUString nget(TranslateNId aContextSingularPlural, int n, const std::locale &loc)
     {
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+        const char* pForm = n == 0 ? aContextSingularPlural.mpSingular : aContextSingularPlural.mpPlural;
+        return createFromUtf8(pForm, strlen(pForm));
+#else
         //if it's a key id locale, generate it here
         if (std::use_facet<boost::locale::info>(loc).language() == "qtz")
         {
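Review bot: The nget stub picks the singular form only for `n == 0`, but the singular conventionally belongs to `n == 1` (one file / zero files), so a fuzzer passing 1 receives the plural text and 0 the singular. Unless a caller relies on that inverted choice, the condition should read `const char* pForm = n == 1 ? aContextSingularPlural.mpSingular : aContextSingularPlural.mpPlural;`. nget's non-fuzzing body runs past the end of this hunk.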
@@ -244,6 +258,7 @@ namespace Translate
                 result = result.replaceAll(OUString::fromUtf8("\xC3\x9F"), "ss");
         }
         return result;
+#endif
     }
 
     static ResHookProc pImplResHookProc = nullptr;

