fix: add null checks and bounds validation for memory safety #12

Open
gavlooth wants to merge 2 commits into HigherOrderCO:main from gavlooth:purple-work

@gavlooth

Summary

  • Add null check after strdup in parse_include to handle allocation failure
  • Add bounds check for string parsing to prevent buffer overflow (max 4096 codepoints)
  • Add null check after malloc in table_find to handle allocation failure

Test plan

  • Existing tests pass
  • Manual testing with large strings to verify bounds check

🤖 Generated with Claude Code

- Add null check after strdup in parse_include
- Add bounds check for string parsing (max 4096 codepoints)
- Add null check after malloc in table_find

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@Lorenzobattistela
Collaborator

This probably has performance implications, doing bound validation is expensive. If possible / want us to review and merge, pls do benchmarking
