X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=secnet.git;a=blobdiff_plain;f=ipaddr.c;h=8de384bfa190afadc7da9731a77c1ca9d794eac0;hp=1edc334e46fc28be2b20b0e41e16920509c06346;hb=6fbd4b99bc50cf9cd54a1b6e2b2c96c4ba4a9b19;hpb=794f2398b8fe84bf398bb10d6eeca6fe6737f65f

diff --git a/ipaddr.c b/ipaddr.c
index 1edc334..8de384b 100644
--- a/ipaddr.c
+++ b/ipaddr.c
@@ -2,7 +2,10 @@
    inspired by the 'ipaddr.py' library from Cendio Systems AB. */
 
 #include "secnet.h"
+#include <limits.h>
+#include <assert.h>
 #include <stdio.h>
+#include <string.h>
 #include "ipaddr.h"
 
 #define DEFAULT_ALLOC 2
@@ -14,7 +17,7 @@ struct subnet_list *subnet_list_new(void)
     r=safe_malloc(sizeof(*r),"subnet_list_new:list");
     r->entries=0;
     r->alloc=DEFAULT_ALLOC;
-    r->list=safe_malloc(sizeof(*r->list)*r->alloc,"subnet_list_new:data");
+    r->list=safe_malloc_ary(sizeof(*r->list),r->alloc,"subnet_list_new:data");
     return r;
 }
 
@@ -30,6 +33,7 @@ static void subnet_list_set_len(struct subnet_list *a, uint32_t l)
     uint32_t na;
 
     if (l>a->alloc) {
+	assert(a->alloc < (int)(INT_MAX/sizeof(*nd))-EXTEND_ALLOC_BY);
 	na=a->alloc+EXTEND_ALLOC_BY;
 	nd=realloc(a->list,sizeof(*nd)*na);
 	if (!nd) {
@@ -44,6 +48,7 @@ static void subnet_list_set_len(struct subnet_list *a, uint32_t l)
 void subnet_list_append(struct subnet_list *a, uint32_t prefix, uint32_t len)
 {
     struct subnet *sn;
+    assert(a->entries < INT_MAX);
     subnet_list_set_len(a,a->entries+1);
     sn=&a->list[a->entries-1];
     sn->prefix=prefix;
@@ -113,6 +118,7 @@ static void ipset_set_len(struct ipset *a, uint32_t l)
     uint32_t na;
 
     if (l>a->a) {
+	assert(a->a < INT_MAX-EXTEND_ALLOC_BY);
 	na=a->a+EXTEND_ALLOC_BY;
 	nd=realloc(a->d,sizeof(*nd)*na);
 	if (!nd) {
@@ -283,9 +289,9 @@ bool_t ipset_is_subset(struct ipset *super, struct ipset *sub)
 struct subnet_list *ipset_to_subnet_list(struct ipset *is)
 {
     struct subnet_list *r;
-    int64_t a,b;
+    int64_t a,b,lobit,himask,lomask;
+    int32_t bits;
     uint32_t i;
-    uint32_t lomask,lobit,himask,bits;
 
     r=subnet_list_new();
     for (i=0; i<is->l; i++) {
@@ -346,13 +352,13 @@ string_t subnet_to_string(struct subnet sn)
     return s;
 }
 
-static struct subnet string_item_to_subnet(item_t *i, string_t desc,
+static struct subnet string_item_to_subnet(item_t *i, cstring_t desc,
 					   bool_t *invert)
 {
     struct subnet s;
     uint32_t a, b, c, d, n;
     uint32_t match;
-    string_t in;
+    cstring_t in;
 
     *invert=False;
 
@@ -397,7 +403,7 @@ static struct subnet string_item_to_subnet(item_t *i, string_t desc,
     return s;
 }
 
-uint32_t string_item_to_ipaddr(item_t *i, string_t desc)
+uint32_t string_item_to_ipaddr(item_t *i, cstring_t desc)
 {
     uint32_t a, b, c, d;
     uint32_t match;
@@ -419,7 +425,7 @@ uint32_t string_item_to_ipaddr(item_t *i, string_t desc)
 }
 
 struct ipset *string_list_to_ipset(list_t *l, struct cloc loc,
-				   string_t module, string_t param)
+				   cstring_t module, cstring_t param)
 {
     struct ipset *r, *n, *isn;
     uint32_t e,i;