Skip to content

fmt/rfc2822: fix panic in handling of whitespace #360

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 3, 2025
Merged

fmt/rfc2822: fix panic in handling of whitespace #360

merged 1 commit into from
May 3, 2025

Conversation

@BurntSushi
Copy link
Owner

@BurntSushi BurntSushi commented May 3, 2025

Skipping whitespace happens immediately before input[0]. But skipping
the whitespace could lead to input being empty.

We handle the empty case and add a regression test.

Fixes #359

@BurntSushi
fmt/rfc2822: fix panic in handling of whitespace
792ea13 
Skipping whitespace happens immediately before `input[0]`. But skipping
the whitespace could lead to `input` being empty.

We handle the empty case and add a regression test.

Fixes #359
@BurntSushi BurntSushi mentioned this pull request May 3, 2025
Merged
1 task
@BurntSushi BurntSushi merged commit 016d0b1 into master May 3, 2025
34 checks passed
@BurntSushi BurntSushi deleted the ag/fix-rfc2822-parser-panic branch May 3, 2025 13:22
@ariebovenberg
Copy link
Contributor

ariebovenberg commented May 3, 2025

Well dang...looks like my latest changes introduced this bug in the parser 😮‍💨 . Really shows the power of fuzz testing though 👀

@BurntSushi
Copy link
Owner Author

BurntSushi commented May 3, 2025

Yeah it was a tricky one. And I missed it in review. I hope to setup fuzzing for Jiff soonish.

EliahKagan added a commit to EliahKagan/gitoxide that referenced this pull request May 4, 2025
@EliahKagan
Further upgrade jiff to fix fuzz failures (GitoxideLabs#1984)
0be4dd4 
This upgrades `jiff` to 0.2.12 to fix fuzzing failures. The test
case introduced in the previous commit now passes.

Upgrading `jiff` past 0.2.11 gets the fix for BurntSushi/jiff#359,
fixed in BurntSushi/jiff#360. To avoid declaring compatibility with
a version that has the bug, this advances `jiff` from 0.2.10 to
0.2.12 in the `gix-archive` and `gix-date` manifests.

(The changes in `Cargo.lock` are those that occur automatically
when `cargo check --workspace` is run after those changes.)

Fixes GitoxideLabs#1979
Fixes GitoxideLabs#1982
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

RFC 2822 parser can panic on some inputs

3 participants

@BurntSushi @ariebovenberg