commit ba8c208bbdde16cc8da9ee7ff0b14086a65b37c3
parent ad73be052759c9472bcd1b871bd402eacf80da78
Author: Rolf Eike Beer <eike@sf-mail.de>
Date: Tue, 12 May 2020 20:46:56 +0200
fix possible length calculation overflow in stralloc_catb() and stralloc_copyb()
Diffstat:
3 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
@@ -1871,7 +1871,7 @@ compile stralloc_cat.c byte.h stralloc.h gen_alloc.h
./compile stralloc_cat.c
stralloc_catb.o: \
-compile stralloc_catb.c stralloc.h gen_alloc.h byte.h
+compile stralloc_catb.c stralloc.h gen_alloc.h byte.h error.h oflops.h
./compile stralloc_catb.c
stralloc_cats.o: \
@@ -1888,7 +1888,7 @@ gen_allocdefs.h oflops.h error.h
./compile stralloc_eady.c
stralloc_opyb.o: \
-compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h
+compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h error.h oflops.h
./compile stralloc_opyb.c
stralloc_opys.o: \
diff --git a/stralloc_catb.c b/stralloc_catb.c
@@ -1,13 +1,20 @@
#include "stralloc.h"
#include "byte.h"
+#include "error.h"
+#include "oflops.h"
int stralloc_catb(sa,s,n)
stralloc *sa;
char *s;
unsigned int n;
{
+ unsigned int i;
if (!sa->s) return stralloc_copyb(sa,s,n);
- if (!stralloc_readyplus(sa,n + 1)) return 0;
+ if (__builtin_add_overflow(n, 1, &i)) {
+ errno = error_nomem;
+ return 0;
+ }
+ if (!stralloc_readyplus(sa,i)) return 0;
byte_copy(sa->s + sa->len,n,s);
sa->len += n;
sa->s[sa->len] = 'Z'; /* ``offensive programming'' */
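Review bot: The new guard in stralloc_catb() only protects `n + 1`; whether `sa->len + i` can still wrap is left to stralloc_readyplus(), which is not visible in this hunk. It is worth confirming that it rejects a wrapped sum before `byte_copy(sa->s + sa->len,n,s)` and `sa->len += n` run. The check also deserves a comment saying why it exists, for example `/* n + 1 would wrap to 0, so the buffer would be under-allocated for the copy below; report as out of memory */`, and the same comment fits the identical guard in stralloc_copyb() in stralloc_opyb.c. The temporary `i` holds a byte count rather than an index, so a name such as `need` would read more clearly in both functions. The body of stralloc_catb() continues past the end of the hunk.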
diff --git a/stralloc_opyb.c b/stralloc_opyb.c
@@ -1,12 +1,19 @@
#include "stralloc.h"
#include "byte.h"
+#include "error.h"
+#include "oflops.h"
int stralloc_copyb(sa,s,n)
stralloc *sa;
char *s;
unsigned int n;
{
- if (!stralloc_ready(sa,n + 1)) return 0;
+ unsigned int i;
+ if (__builtin_add_overflow(n, 1, &i)) {
+ errno = error_nomem;
+ return 0;
+ }
+ if (!stralloc_ready(sa,i)) return 0;
byte_copy(sa->s,n,s);
sa->len = n;
sa->s[n] = 'Z'; /* ``offensive programming'' */