array_reserve does not handle malloc errors
alaviss opened this issue · comments
Problem
The code allocates memory using malloc and realloc but does not check whether the allocation was successful.
For realloc, this means the old allocation is leaked and the data is gone.
For malloc, this means the array has a NULL contents pointer.
Either way, this is a SIGSEGV waiting to happen.
Lines 182 to 191 in 01bf431
Steps to reproduce
N/A
Expected behavior
Checks are added to relay error to caller, or just abort the program on failure.
Tree-sitter version (tree-sitter --version)
tree-sitter 0.22.5
Operating system/version
Gentoo Linux
There is a check if the default ts allocator is used (which the cli does or if you specify -DTREE_SITTER_REUSE_ALLOCATOR) -
Line 5 in 8b28443
If you are opting out of the ts allocator, then whatever the user supplies is used, or just the function itself if not.
Yeah, this is working as intended. Like @amaanq said, Tree-sitter aborts on allocation failure (unless you explicitly override that allocation behavior). Attempting to recover from allocation failure is explicitly not something we plan to do. For most codebases, attempting to do that correctly is a SEGV waiting to happen.
Is it the intention that grammars should be compiled with -DTREE_SITTER_REUSE_ALLOCATOR by default? None of the bindings seem to do that, so we already have SIGSEGV pending on OOM in all bindings.
At the very least I think the fallback implementations based on libc should also abort on failures.
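The two policies discussed in this thread (relay the error to the caller, or abort on failure), sketched as an added example that is not part of the thread and is not tree-sitter's code. The names `Array`, `array_reserve_checked`, `array_reserve_or_abort` and `failing_realloc` are hypothetical, and the realloc-shaped hook exists only so the failure path can be exercised.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical growable array; not tree-sitter's Array type. */
typedef struct { void *contents; size_t size, capacity; } Array;

/* realloc-shaped hook so the failure path can be exercised. */
typedef void *(*realloc_fn)(void *, size_t);
void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

/* Grow to new_cap elements. Returns 0 on success, -1 on failure.
 * On failure the array still owns its old, intact block. */
int array_reserve_checked(Array *a, size_t elem, size_t new_cap, realloc_fn re) {
  if (new_cap <= a->capacity) return 0;
  if (elem == 0 || new_cap > SIZE_MAX / elem) return -1; /* size overflow */
  /* Assign to a temporary: writing the result straight into a->contents
   * would replace the only pointer to the old block with NULL. */
  void *tmp = re(a->contents, new_cap * elem); /* realloc(NULL, n) acts as malloc(n) */
  if (tmp == NULL) return -1;
  a->contents = tmp;
  a->capacity = new_cap;
  return 0;
}

/* Abort-on-failure policy, for callers that cannot propagate errors. */
void array_reserve_or_abort(Array *a, size_t elem, size_t new_cap) {
  if (array_reserve_checked(a, elem, new_cap, realloc) != 0) {
    fputs("array_reserve: out of memory\n", stderr);
    abort();
  }
}

/* Returns 1 if a failed grow leaves pointer, capacity and data untouched. */
int failed_grow_preserves_array(void) {
  Array a = {0};
  array_reserve_or_abort(&a, sizeof(int), 4);
  ((int *)a.contents)[0] = 42;
  void *before = a.contents;
  int rc = array_reserve_checked(&a, sizeof(int), 8, failing_realloc);
  int ok = rc == -1 && a.contents == before && a.capacity == 4
           && ((int *)a.contents)[0] == 42;
  free(a.contents);
  return ok;
}

int main(void) {
  printf("failed grow preserves array: %d\n", failed_grow_preserves_array());
  return 0;
}
```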