Skip to content

[io] Add buffer bound checks in TFile::Recover#22190

Merged
silverweed merged 5 commits into
root-project:masterfrom
silverweed:tfile_init_oob
Jun 23, 2026
Merged

[io] Add buffer bound checks in TFile::Recover#22190
silverweed merged 5 commits into
root-project:masterfrom
silverweed:tfile_init_oob

Conversation

@silverweed

@silverweed silverweed commented May 8, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

TODO

  • add tests
  • decide if we want/need to use the safer overloads elsewhere

This PR fixes #22169

@silverweed silverweed requested a review from jblomer May 8, 2026 13:10
@silverweed silverweed self-assigned this May 8, 2026
@silverweed silverweed force-pushed the tfile_init_oob branch 4 times, most recently from 668624f to 33f969c Compare May 8, 2026 13:46
@github-actions

github-actions Bot commented May 8, 2026
edited
Loading

Copy link
Copy Markdown

Test Results

    22 files      22 suites   3d 13h 44m 3s ⏱️
 3 873 tests  3 873 ✅ 0 💤 0 ❌
76 480 runs  76 480 ✅ 0 💤 0 ❌

Results for commit 5e6bdc2.

♻️ This comment has been updated with latest results.

@silverweed silverweed marked this pull request as ready for review May 11, 2026 09:31
pcanal
pcanal reviewed May 18, 2026
View reviewed changes
Comment thread io/io/src/TKey.cxx Outdated
@silverweed silverweed added this to the 6.40.02 milestone May 19, 2026
@dpiparo dpiparo modified the milestones: 6.40.02, 6.40.04 Jun 9, 2026
@silverweed
[core] Introduce safer overload of TString::ReadBuffer
3cd3486
@silverweed
[io] Introduce safer overload of TKey::ReadKeyBuffer
827d749
@silverweed
[io] use safer overload of TKey::ReadKeyBuffer() in TFile::Recover()
a3347dc 
This prevents potential oob stack reads in case of corrupted TFiles
@silverweed
[io] Cleanup a bit TFile::Recover
e09381b 
- Declare variables when they're used
- Spare a needless dynamic allocation
- Use memcpy instead of frombuf in a loop
@silverweed
[io] add integration test for TFile recover
5e6bdc2
@silverweed silverweed merged commit c489cd2 into root-project:master Jun 23, 2026
32 of 33 checks passed
@silverweed silverweed deleted the tfile_init_oob branch June 23, 2026 07:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pcanal pcanal pcanal left review comments

@dpiparo dpiparo dpiparo approved these changes

@jblomer jblomer Awaiting requested review from jblomer jblomer is a code owner

@bellenot bellenot Awaiting requested review from bellenot bellenot is a code owner

Assignees

@silverweed silverweed

Labels

in:Core Libraries in:I/O

Projects

None yet

Milestone

6.40.04

Development

Successfully merging this pull request may close these issues.

[io] TFile::Recover doesn't properly validate read lengths

3 participants

@silverweed @pcanal @dpiparo