Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Convert.TryToHexString{Lower} does not check the length of destination correct #109807

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
universorum opened this issue Nov 14, 2024 · 2 comments · Fixed by #109891
Closed

Convert.TryToHexString{Lower} does not check the length of destination correct #109807

universorum opened this issue Nov 14, 2024 · 2 comments · Fixed by #109891
Labels
area-System.Runtime in-pr There is an active PR which will close this issue when it is merged

Comments

@universorum
Copy link
Contributor

Description

Convert.TryToHexString{Lower} will allow the destination that smaller than actual length and will NOT allow what is bigger than 2x actual length.

Reproduction Steps

Span<byte> hashBuffer  = stackalloc byte[16];

Span<char> biggerThanDoubleLength = stackalloc char[33];
Debug.Assert(Convert.TryToHexString(hashBuffer, biggerThanDoubleLength, out _) == false);

Span<char> lessThanLength = stackalloc char[31]; 
Debug.Assert(Convert.TryToHexStringLower(hashBuffer, lessThanLength, out var length));
Debug.Assert(length == 32);

Console.WriteLine("done");

Expected behavior

The function may return false when the size of destination is smaller than 2x source and working when destination is bigger than 2x source.

Actual behavior

The function will return true when the size of destination is smaller than 2x source with proper out variable charsWritten and will NOT working when destination is bigger than 2x source.

Regression?

No response

Known Workarounds

No response

Configuration

No response

Other information

It look like 2 variable is reversed.

runtime/src/libraries/System.Private.CoreLib/src/System/Convert.cs

Line 3102 in 1c4c009

else if (source.Length > int.MaxValue / 2 || destination.Length > source.Length * 2)

runtime/src/libraries/System.Private.CoreLib/src/System/Convert.cs

Line 3179 in 1c4c009

else if (source.Length > int.MaxValue / 2 || destination.Length > source.Length * 2)

@ghost ghost added the needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners label Nov 14, 2024
@dotnet-policy-service dotnet-policy-service bot added the untriaged New issue has not been triaged by the area owner label Nov 14, 2024
@huoyaoyuan huoyaoyuan added area-System.Runtime and removed needs-area-label An area label is needed to ensure this gets routed to the appropriate area owners labels Nov 14, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-runtime
See info in area-owners.md if you want to be subscribed.

@danmoseley
Copy link
Member

danmoseley commented Nov 14, 2024
edited
Loading

Would you like to investigate a bit? Edit: you already did. Would you like to offer a PR with a test? Thanks for the report

This was referenced Nov 15, 2024
Closed
Merged
@dotnet-policy-service dotnet-policy-service bot added the in-pr There is an active PR which will close this issue when it is merged label Nov 16, 2024
@KeterSCP KeterSCP mentioned this issue Nov 22, 2024
Closed
@dotnet-policy-service dotnet-policy-service bot removed the untriaged New issue has not been triaged by the area owner label Nov 27, 2024
github-actions bot pushed a commit that referenced this issue Nov 27, 2024
@universorum
Fix length check for Convert.TryToHexString{Lower}
b585b0b 
The size of destination should not be less than double source's length.

Fix #109807
GrabYourPitchforks pushed a commit that referenced this issue Dec 2, 2024
@universorum @GrabYourPitchforks
Fix length check for Convert.TryToHexString{Lower}
b9f667a 
The size of destination should not be less than double source's length.

Fix #109807
rbhanda pushed a commit that referenced this issue Dec 3, 2024
@github-actions @universorum
[release/9.0] Fix length check for Convert.TryToHexString{Lower} (#11…
9da8c6a 
…0228)

* Fix length check for Convert.TryToHexString{Lower}

The size of destination should not be less than double source's length.

Fix #109807

* Use stackalloc to create a Span

* Use new char[] to instead potentially unbounded stackalloc

---------

Co-authored-by: Universorum <[email protected]>
mikelle-rogers pushed a commit to mikelle-rogers/runtime that referenced this issue Dec 10, 2024
@universorum @mikelle-rogers
Fix length check for Convert.TryToHexString{Lower} (dotnet#109891)
e32ce27 
The size of destination should not be less than double source's length.

Fix dotnet#109807
@github-actions github-actions bot locked and limited conversation to collaborators Dec 28, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area-System.Runtime in-pr There is an active PR which will close this issue when it is merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix length check for Convert.TryToHexString{Lower}
3 participants
@huoyaoyuan @danmoseley @universorum