Fix slicing panic in path completion variable expansion #12556
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TornaxO7
approved these changes
Jan 16, 2025
|
Hmm usually regex matches should be non-overlapping. There is an overlapping mode but AFAIK not enabled |
|
Ah I think I get it now, I am tired. Could you add the example to the tests rest lgtm |
|
Yeah exactly, in this case |
The regexes in `expand_impl` may match multiple times on a single
variable like `${HOME:-$HOME}`: once for the `${HOME:-` part and
again for its default value `$HOME`. This could cause a panic because
of an invalid slice `&bytes[pos..range.start]`: `pos` is set to
`range.end` which corresponds to the closing `}` in the first iteration
of the loop, so it's greater than `range.start` in the second iteration.
the-mikedavis
force-pushed
the
md-path-expand-fix
branch
from
cc08dc0 to
cd07713
Compare
pascalkuthe
approved these changes
Jan 16, 2025
mmibbetson
pushed a commit
to mmibbetson/helix
that referenced
this pull request
Jan 18, 2025
rmburg
pushed a commit
to rmburg/helix
that referenced
this pull request
Jan 20, 2025
nik-rev
pushed a commit
to nik-rev/helix
that referenced
this pull request
Jan 24, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The regexes in
expand_implmay match multiple times on a single variable like${HOME:-$HOME}: once for the${HOME:-part and again for its default value$HOME. This could cause a panic because of an invalid slice&bytes[pos..range.start]:posis set torange.endwhich corresponds to the closing}in the first iteration of the loop, so it's greater thanrange.startin the second iteration.Fixes #12552