Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/lib/libwrap And as long as we're attempting to achieve perfe...
details: https://anonhg.NetBSD.org/src/rev/b51ffa6818ca
branches: trunk
changeset: 996204:b51ffa6818ca
user: kre <kre%NetBSD.org@localhost>
date: Wed Jan 23 02:48:48 2019 +0000
description:
And as long as we're attempting to achieve perfection in code
that is never going to be executed, let's also check for possible
overflow in a sum that will never be computed...
diffstat:
lib/libwrap/expandm.c | 18 +++++++++++++++---
1 files changed, 15 insertions(+), 3 deletions(-)
diffs (39 lines):
diff -r 4d86d01e90ff -r b51ffa6818ca lib/libwrap/expandm.c
--- a/lib/libwrap/expandm.c Wed Jan 23 02:32:06 2019 +0000
+++ b/lib/libwrap/expandm.c Wed Jan 23 02:48:48 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: expandm.c,v 1.10 2019/01/23 02:32:06 kre Exp $ */
+/* $NetBSD: expandm.c,v 1.11 2019/01/23 02:48:48 kre Exp $ */
/*-
* Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -29,7 +29,7 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: expandm.c,v 1.10 2019/01/23 02:32:06 kre Exp $");
+__RCSID("$NetBSD: expandm.c,v 1.11 2019/01/23 02:48:48 kre Exp $");
#include <limits.h>
#include <stdio.h>
@@ -68,7 +68,19 @@
*/
if (__predict_false(nlen >= INT_MAX)) {
size_t blen = buf ? strlen(buf) : 0;
- size_t tlen = nlen + blen;
+ size_t tlen;
+
+ /*
+ * if we would overflow a ptrdiff_t when computing
+ * tlen, then don't bother. The format string is
+ * simply too large to be converted.
+ */
+ if (blen >= PTRDIFF_MAX ||
+ nlen >= PTRDIFF_MAX - blen ||
+ nlen >= SIZE_T_MAX - blen)
+ goto out;
+
+ tlen = nlen + blen;
/*
* We can't exceed PTRDIFF_MAX because we would
Home |
Main Index |
Thread Index |
Old Index