Skip to content

[All] Security : memory management, destructors and al #5904

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
fredroy wants to merge 7 commits into
base: master
Choose a base branch
from
Open

[All] Security : memory management, destructors and al #5904

fredroy wants to merge 7 commits into from

Conversation

@fredroy
Copy link
Contributor

@fredroy fredroy commented Jan 29, 2026
edited
Loading

(the misc last part)

  • some dtors were not virtual and may not be called
  • sanity checks on input
  • memory management with arrays, etc
  • thread-safeness by replacing volatile by std::atomic (volatile dont guarantee about function ordering by the cpu)

[with-all-tests]

By submitting this pull request, I acknowledge that
I have read, understand, and agree SOFA Developer Certificate of Origin (DCO).

Reviewers will merge this pull-request only if

  • it builds with SUCCESS for all platforms on the CI.
  • it does not generate new warnings.
  • it does not generate new unit test failures.
  • it does not generate new scene test failures.
  • it does not break API compatibility.
  • it is more than 1 week old (or has fast-merge label).

@fredroy fredroy added pr: fix Fix a bug pr: status to review To notify reviewers to review this pull-request pr: ai-generated Label notifying the reviewers that part or all of the PR has been generated with the help of an AI labels Jan 29, 2026
@fredroy
fix unchecked fopen() return
e61b80f
@fredroy
Incorrect fwrite return value check
e78c497 
  - Issue: fwrite() returns number of items written, not bytes. Comparison was incorrect.
  - Fix: Changed comparisons from == sizeof(DDSHeader) and == getImageSize() to == 1
@fredroy
fix potential command injection with sanity check
52f2cbc
@fredroy
fix thread safety by replacing volatile with std::atomic
31f7d4c
@fredroy
polymorphic base classes were missing virtual destructors - this coul…
e075a68 
…d cause undefined behavior when deleting derived objects through base pointers
@fredroy
Replace raw new/delete with smart pointers and vectors, and fix memor…
0a1ac5c 
…y leak in debug file
@fredroy
fix test of pointer and test ftell result
b0871a3
@fredroy fredroy force-pushed the fix_vulnerabilities_misc branch from eb25a78 to b0871a3 Compare January 29, 2026 03:53
@fredroy
Copy link
Contributor Author

fredroy commented Jan 29, 2026

[ci-build][with-all-tests]

bakpaul
bakpaul reviewed Jan 30, 2026
View reviewed changes
Sofa/framework/Helper/src/sofa/helper/system/thread/CircularQueue.h
Comment on lines -154 to +155
volatile unsigned head;
volatile unsigned tail;
std::atomic<unsigned> head;
std::atomic<unsigned> tail;
Copy link
Contributor

@bakpaul bakpaul Jan 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not fully confident on that

Sofa/GL/src/sofa/gl/VideoRecorderFFMPEG.cpp
<< " -crf 17 "
<< " -vf vflip "
<< "\"" << m_filename << "\""; // @TODO C++14 : replace with std::quoted
<< "\"" << escapeForShell(m_filename) << "\"";
Copy link
Contributor

@bakpaul bakpaul Jan 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah ok, but the filename is something we create so this sanity check is maybe not required

Sofa/GUI/Common/src/sofa/gui/common/ArgumentParser.cpp

// delete argv copy
for (int i = 0; i < m_argc; i++) {
delete[] copyArgv[i];
Copy link
Contributor

@bakpaul bakpaul Jan 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't this still required because we still have a vector of char* ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bakpaul bakpaul bakpaul left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

pr: ai-generated Label notifying the reviewers that part or all of the PR has been generated with the help of an AI pr: fix Fix a bug pr: status to review To notify reviewers to review this pull-request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fredroy @bakpaul