Add boundary check for ver4 bigram/shortcut reading.

Bug: 13185316 Change-Id: I5236222e2a5acda69821062a140c9e36a3024bd2
author: Keisuke Kuroyanagi <ksk@google.com> 2014-02-26 14:03:24 +0900
committer: Keisuke Kuroyanagi <ksk@google.com> 2014-02-26 14:03:24 +0900
commit: 7b496a58612cf1552fe82f8c51a82e7ab82985e1 (patch)
tree: 85d4d9b82a8b46cfa3a9605f9e1825cc85b7df3a
parent: f818b1aa322829c6f975528bf5e63047ba5684c9 (diff)
download: latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.tar.gz
latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.tar.xz
latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.zip
2 files changed, 20 insertions, 0 deletions
diff --git a/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/bigram_dict_content.cpp b/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/bigram_dict_content.cpp
index cb9d450ec..279f5b33a 100644
--- a/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/bigram_dict_content.cpp
+++ b/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/bigram_dict_content.cpp
@@ -23,6 +23,13 @@ namespace latinime {
 const BigramEntry BigramDictContent::getBigramEntryAndAdvancePosition(
         int *const bigramEntryPos) const {
     const BufferWithExtendableBuffer *const bigramListBuffer = getContentBuffer();
+    if (*bigramEntryPos < 0 || *bigramEntryPos >=  bigramListBuffer->getTailPosition()) {
+        AKLOGE("Invalid bigram entry position. bigramEntryPos: %d, bufSize: %d",
+                *bigramEntryPos, bigramListBuffer->getTailPosition());
+        ASSERT(false);
+        return BigramEntry(false /* hasNext */, NOT_A_PROBABILITY,
+                Ver4DictConstants::NOT_A_TERMINAL_ID);
+    }
     const int bigramFlags = bigramListBuffer->readUintAndAdvancePosition(
             Ver4DictConstants::BIGRAM_FLAGS_FIELD_SIZE, bigramEntryPos);
     const bool hasNext = (bigramFlags & Ver4DictConstants::BIGRAM_HAS_NEXT_MASK) != 0;
diff --git a/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/shortcut_dict_content.cpp b/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/shortcut_dict_content.cpp
index 29972a4e8..64d7bc0a5 100644
--- a/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/shortcut_dict_content.cpp
+++ b/native/jni/src/suggest/policyimpl/dictionary/structure/v4/content/shortcut_dict_content.cpp
@@ -24,6 +24,19 @@ void ShortcutDictContent::getShortcutEntryAndAdvancePosition(const int maxCodePo
         int *const outCodePoint, int *const outCodePointCount, int *const outProbability,
         bool *const outhasNext, int *const shortcutEntryPos) const {
     const BufferWithExtendableBuffer *const shortcutListBuffer = getContentBuffer();
+    if (*shortcutEntryPos < 0 || *shortcutEntryPos >=  shortcutListBuffer->getTailPosition()) {
+        AKLOGE("Invalid shortcut entry position. shortcutEntryPos: %d, bufSize: %d",
+                *shortcutEntryPos, shortcutListBuffer->getTailPosition());
+        ASSERT(false);
+        if (outhasNext) {
+            *outhasNext = false;
+        }
+        if (outCodePointCount) {
+            *outCodePointCount = 0;
+        }
+        return;
+    }
+
     const int shortcutFlags = shortcutListBuffer->readUintAndAdvancePosition(
             Ver4DictConstants::SHORTCUT_FLAGS_FIELD_SIZE, shortcutEntryPos);
     if (outProbability) {
author	Keisuke Kuroyanagi <ksk@google.com>	2014-02-26 14:03:24 +0900
committer	Keisuke Kuroyanagi <ksk@google.com>	2014-02-26 14:03:24 +0900
commit	7b496a58612cf1552fe82f8c51a82e7ab82985e1 (patch)
tree	85d4d9b82a8b46cfa3a9605f9e1825cc85b7df3a
parent	f818b1aa322829c6f975528bf5e63047ba5684c9 (diff)
download	latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.tar.gz latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.tar.xz latinime-7b496a58612cf1552fe82f8c51a82e7ab82985e1.zip