MD_ReconstructionFromNode returns pointers to local variables

MD_ReconstructionFromNode in `out` list returns pointers to local variables:
https://github.com/Dion-Systems/metadesk/blob/23289461d249c787ff631ba1f82535b20acefe68/source/md.c#L4137 and
https://github.com/Dion-Systems/metadesk/blob/23289461d249c787ff631ba1f82535b20acefe68/source/md.c#L4170

This means that anybody using list outside will potentially read garbage values. This happens in `sanity_tests.c` tests when it tries to join strings immediately afterwards (but in current code it will return correct strings because stack values are not yet overwritten):

https://github.com/Dion-Systems/metadesk/blob/23289461d249c787ff631ba1f82535b20acefe68/tests/sanity_tests.c#L846

If you want to trigger this error, then inserting following piece of code after line 845 (directly below call to `MD_ReconstructionFromNode`) will produce corrupted string and test will fail:
```
            {
                // overwrite 4KB of stack with 0xaa 
                char* stack = (char*)_alloca(4096);
                for (volatile int k = 0; k < 4096; k++) stack[k] = 0xaa;
            }

```

I have potential fix for this here: https://github.com/mmozeiko/metadesk/commit/a18850fbb79546cb0fec72a7aae5d9be3ff4fad0
It changes char variables to string literals. If you're ok with such change.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

MD_ReconstructionFromNode returns pointers to local variables #18

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

MD_ReconstructionFromNode returns pointers to local variables #18

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions