int cht_get_urandom(Tcl_Interp *ip, Byte *buffer, int l);
void cht_obj_updatestr_vstringls(Tcl_Obj *o, ...);
- /* const char*, int, const char*, int, ..., (const char*)0 */
+ /* const char*, size_t, const char*, size_t, ..., (const char*)0 */
void cht_obj_updatestr_string_len(Tcl_Obj *o, const char *str, int l);
void cht_obj_updatestr_string(Tcl_Obj *o, const char *str);
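Review bot: The comment under the `cht_obj_updatestr_vstringls` prototype is the only statement of the variadic contract, and the compiler cannot check it, so it should say that every length must be passed as exactly `size_t`. A caller that still passes an `int` variable or literal is read back with `va_arg(al, size_t)`, which is undefined behaviour and can misread the rest of the argument list where the two types differ in size. I would extend the comment to `/* const char*, size_t, ..., (const char*)0 -- lengths must be size_t; cast int lengths as (size_t)len */`. The call sites also need an audit, because most of them are not visible in this change.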
va_list al;
char *p;
const char *part;
- int l, pl;
+ int l;
+ size_t pl;
va_start(al,o);
- for (l=0; (part= va_arg(al, const char*)); )
- l+= va_arg(al, int);
+ for (l=0; (part= va_arg(al, const char*)); ) {
+ pl= va_arg(al, size_t);
+ assert(pl <= INT_MAX/2 - l);
+ l += pl;
+ }
va_end(al);
o->length= l;
va_start(al,o);
for (p= o->bytes; (part= va_arg(al, const char*)); p += pl) {
- pl= va_arg(al, int);
+ pl= va_arg(al, size_t);
memcpy(p, part, pl);
}
va_end(al);
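Review bot: The overflow guard added in the length-summing loop is an `assert`, so a build with NDEBUG defined drops it and `l += pl` can wrap again before `o->length` and the memcpy loop use the result. The same assert-only guard is used in the `assoc->n`, `si->llen`, `pathbuf_init`, `msg_buflen`, `strs1`, both `cx->len`, `o->length= l*2+pl` and `am_reallocentries` hunks. If these checks are meant as a defence against oversized input and not only as a debugging aid, they need a form that survives NDEBUG, for example `if (pl > (size_t)(INT_MAX/2 - l)) abort();`. Otherwise the build should state that NDEBUG is never defined. The function starts and ends outside the hunk.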
if (ix==-1) {
for (ix=0; ix<assoc->n && assoc->a[ix]; ix++);
if (ix>=assoc->n) {
+ assert(assoc->n < INT_MAX/4);
assoc->n += 2;
assoc->n *= 2;
assoc->a= TREALLOC(assoc->a, assoc->n*sizeof(*assoc->a));
if (xargs) {
rc= Tcl_ListObjLength(ip, xargs, &xlength); if (rc) return rc;
Tcl_IncrRefCount(xargs);
+ assert(si->llen < INT_MAX/2 && xlength < INT_MAX/2);
si->llen += xlength;
}
#include "chiark_tcl_cdb.h"
+#define KEYLEN_MAX (INT_MAX/2)
+
#define ftello ftell
#define fseeko fseek
#define MAX_SUFFIX 5
static void pathbuf_init(Pathbuf *pb, const char *pathb) {
- int l= strlen(pathb);
+ size_t l= strlen(pathb);
+ assert(l < INT_MAX);
pb->buf= TALLOC(l + MAX_SUFFIX + 1);
memcpy(pb->buf, pathb, l);
pb->sfx= pb->buf + l;
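Review bot: The new bound `assert(l < INT_MAX)` leaves no room for the `MAX_SUFFIX + 1` bytes added on the next line, so `l + MAX_SUFFIX + 1` can still exceed INT_MAX while the assertion holds. Whether that matters depends on TALLOC's parameter type, which is not visible here; if it takes an `int`, the size would be narrowed on the call. Tightening the check to `assert(l < INT_MAX - MAX_SUFFIX - 1);` covers the value that is actually allocated. pathbuf_init continues past the end of the hunk.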
*p= 0;
errno=0; ul= strtoul(numbuf, &ep, 10);
- if (*ep || errno || ul >= INT_MAX/2) return -2;
+ if (*ep || errno || ul >= KEYLEN_MAX) return -2;
*num_r= ul;
return 0;
}
static int writerecord(FILE *f, const char *key, const HashValue *val) {
int r;
- r= fprintf(f, "+%d,%d:%s->", strlen(key), val->len, key);
+ r= fprintf(f, "+%d,%d:%s->", (int)strlen(key), val->len, key);
if (r<0) return -1;
r= fwrite(val->data, 1, val->len, f);
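Review bot: The `(int)` cast on `strlen(key)` silences the format warning, but writerecord itself never bounds the key length, so a key of INT_MAX bytes or more would be written with a wrong length field in the record. The only bound visible in this change is the `strlen(key) >= KEYLEN_MAX` test in a different function, so writerecord relies on every caller having applied it. I would state that precondition where it is relied on, with `assert(strlen(key) < KEYLEN_MAX);` before the fprintf, or at least with a comment `/* caller guarantees strlen(key) < KEYLEN_MAX */`. The function body continues outside the hunk.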
HashValue *val;
int rc, r;
+ if (strlen(key) >= KEYLEN_MAX)
+ return cht_staticerr(ip, "key too long", "CDB KEYOVERFLOW");
+
if (!rw->logfile) return cht_staticerr
(ip, "previous compact failed; cdbwr must be closed and reopened "
"before any further updates", "CDB BROKEN");
Bugfixes:
* Do not adns_cancel in the middle of adns_forallqueries.
+ * strlen returns size_t, not int; fixed up everywhere relevant.
+ Closes #393970. (Bug exists only where int and ssize_t differ.)
+
+ Portability fixes:
+ * Remove unecessary assertion of val<=0xffffffffUL where uint32_t val;
+ Closes: #394039 (FTBFS due to unhelpful GCC warning).
Internal improvements:
* Add a few assertions about *_LLEN in adns.c.
+ * Comprehensive review of use of `int' and defense against overflow.
--
}
TFREE(sock->msg_buf);
+ assert(sock->msg_buflen < INT_MAX/4);
sock->msg_buflen *= 2;
sock->msg_buflen += 100;
sock->msg_buf= TALLOC(sock->msg_buflen);
#include "chiark_tcl_hbytes.h"
static int strs1(Tcl_Interp *ip, int strc, Tcl_Obj *const *strv, int *l_r) {
- int rc, l, i;
+ int rc, l, i, pl;
l= 0;
for (i=1; i<strc; i++) {
rc= Tcl_ConvertToType(ip,strv[i],&cht_hbytes_type);
if (rc) return rc;
- l += cht_hb_len(OBJ_HBYTES(strv[i]));
+ pl= cht_hb_len(OBJ_HBYTES(strv[i]));
+ assert(l < INT_MAX/2 && pl < INT_MAX/2);
+ l += pl;
}
*l_r= l;
return TCL_OK;
Byte *old_block, *new_block, *new_dstart;
cx= complex(hb);
+
+ assert(el < INT_MAX/4 && cx->len < INT_MAX/2);
if (cx->prespace < el) {
new_prespace= el*2 + cx->len;
Byte *newpart, *new_block, *old_block;
cx= complex(hb);
+ assert(el < INT_MAX/4 && cx->len < INT_MAX/4);
new_len= cx->len + el;
if (new_len > cx->avail) {
int pl;
pl= strlen(prefix);
+ assert(l < INT_MAX/2 - 1 - pl);
o->length= l*2+pl;
str= o->bytes= TALLOC(o->length+1);
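Review bot: `pl` is still an `int` assigned from `strlen(prefix)`, so this hunk keeps the size_t-to-int narrowing that the rest of the change removes. The new assertion then computes its bound from the already narrowed value. This is probably harmless if `prefix` is always a short constant, but that is not visible here. For consistency with the other hunks I would declare `size_t pl;` and check it before use, `assert(pl < INT_MAX/4 && l < INT_MAX/2 - 1 - (int)pl);`. The enclosing function starts and ends outside the hunk.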
char buf[9];
val= *(const uint32_t*)&o->internalRep.longValue;
-
- assert(val <= 0xffffffffUL);
snprintf(buf,sizeof(buf), "%08lx", (unsigned long)val);
-
cht_obj_updatestr_vstringls(o, buf, sizeof(buf)-1, (char*)0);
}
assert(len >= am->space);
if (!len) return;
+ assert(len < INT_MAX/sizeof(*newentries));
newentries= TREALLOC(am->entries, sizeof(*newentries)*len);
assert(newentries);
}
am->byl= bitlen/8;
+ assert(inlen < INT_MAX/2);
am_reallocentries(am, (inlen-1)*2+1);
ame= ame_sfa_alloc(am);
breaking= &am.entries[searched];
nreplacements= new.prefix - breaking->prefixlen + 1;
+ fixme check integer overflow ^
replacements= TALLOC(sizeof(*replacements) * nreplacements);
for (fragmentlen= breaking->prefixlen + 1,
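Review bot: The added line `fixme check integer overflow ^` is bare text, not a comment, so the file cannot compile as shown unless this region is excluded from the build, and the overflow it names is left open. `nreplacements` is computed as `new.prefix - breaking->prefixlen + 1` and multiplied by `sizeof(*replacements)` for TALLOC with no range check. Depending on the operand types, which are not visible here, a zero, negative or very large count could reach the allocator. At minimum make it a comment, `/* FIXME: check integer overflow in nreplacements */`. Preferably add the bound used elsewhere in this change, `assert(nreplacements > 0 && nreplacements < INT_MAX/sizeof(*replacements));`. The enclosing function starts and ends outside the hunk.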
static void read_call(ClientData sock_cd, int mask) {
TuntapSocket *sock= (void*)sock_cd;
Tcl_Interp *ip= sock->ip;
- int sz, rc;
+ int rc;
+ ssize_t sz;
HBytes_Value message_val;
Tcl_Obj *args[2];