twa: guard against highlighting of non-existing edges and states

For issue #556, reported by Dávid Smolka. Not sure if this is a complete fix yet, but that's at least part of the issue. * spot/twa/twagraph.cc (defrag_states): Skip those unexisting edges and states while remaping highlight-states and highlight-edges. * spot/parseaut/parseaut.yy: Likewise for dropped edges. * tests/python/parsetgba.py: Augment test case.
2023-12-04 17:59:09 +01:00 · 2023-12-04 17:59:09 +01:00 · ba86dc6b18
commit ba86dc6b18
parent 444d4f773d
3 changed files with 22 additions and 7 deletions
--- a/spot/parseaut/parseaut.yy
+++ b/spot/parseaut/parseaut.yy
@ -2943,9 +2943,12 @@ namespace spot
      {
        // Update the highlight_edges map to deal with removed/added
        // edges.
+        unsigned ems = r.edge_map.size();
        std::map<unsigned, unsigned> remap;
        for (auto [edgnum, color]: *r.highlight_edges)
-          if (edgnum > 0) /* not expected, but can't trust input data */
+          /* edge numbers outside of the actual number of edges read are
+             not expected, but we can't trust input data */
+          if (SPOT_LIKELY(edgnum > 0 && edgnum <= ems))
            if (unsigned newnum = r.edge_map[edgnum - 1]; newnum > 0)
              remap[newnum] = color;
        std::swap(remap, *r.highlight_edges);
--- a/spot/twa/twagraph.cc
+++ b/spot/twa/twagraph.cc
@ -1274,9 +1274,15 @@ namespace spot
    if (auto hs = get_named_prop<std::map<unsigned, unsigned>>
        ("highlight-states"))
      {
+        unsigned ns = newst.size();
        std::map<unsigned, unsigned> hs2;
        for (auto p: *hs)
          {
+            // Let's just ignore unexisting states.  Raising an
+            // exception here would leave the automaton in a strange
+            // state.
+            if (SPOT_UNLIKELY(p.first >= ns))
+              continue;
            unsigned dst = newst[p.first];
            if (dst != -1U)
              hs2[dst] = p.second;
@ -1306,7 +1312,11 @@ namespace spot
          }
        std::map<unsigned, unsigned> he2;
        for (auto [e, c]: *he)
-          if (newedges[e] != -1U)
+          // Let's just ignore unexisting edges.  Raising an exception
+          // here would leave the automaton in a strange state.
+          if (SPOT_UNLIKELY(e > es))
+            continue;
+          else if (newedges[e] != -1U)
            he2.emplace(newedges[e], c);
        std::swap(*he, he2);
      }