Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix: Saving SDT_INTLIST handle unsigned values properly #7396

Merged
merged 3 commits into from Feb 6, 2020

Conversation

@Eddi-z
Copy link
Contributor

@Eddi-z Eddi-z commented Mar 22, 2019

This PR addresses a line that @PeterN wrote in the chat when he was trying out code to save a colour preset to the config file:

[22.03.19 00:49] <peter1138> colour_presets = -1957633922,-1336168961,-1790426469,-1784986981,1451692562,0,0,2077322240,0,0,0,0,0,0,0,0

The first issue is that the values are written as signed, even though they are unsigned in the code. The first commit handles writing these values correctly, the second is about correctly reading the (now out-of-range) values back in

the third commit is a feature to write long numbers like this as hexadecimal (reading should already be possible)

@Eddi-z Eddi-z force-pushed the settingslist branch 2 times, most recently from 2bfcd9e to 052f539 Mar 22, 2019
if (p == end) return -1; // invalid character (not a number)
if (sizeof(int) < sizeof(long)) v = ClampToI32(v);
Copy link
Contributor Author

@Eddi-z Eddi-z Mar 22, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm unsure about this change. it now mimics the behaviour in StringToVal, however i feel like some validation of range should happen.

Copy link
Member

@LordAro LordAro Apr 14, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm yes, bit weird to be removing this. Perhaps it should be added to StringToVal?
Condition could probably be sanely removed though..

src/settings.cpp Outdated Show resolved Hide resolved
@Eddi-z Eddi-z force-pushed the settingslist branch 2 times, most recently from dde90cc to e2ca55d Mar 24, 2019
src/settings.cpp Outdated
@@ -187,9 +187,8 @@ static int ParseIntList(const char *p, int *items, int maxitems)
default: {
if (n == maxitems) return -1; // we don't accept that many numbers
char *end;
long v = strtol(p, &end, 0);
size_t v = strtoul(p, &end, 0);
Copy link
Member

@LordAro LordAro Apr 14, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

surprised this doesn't cause a warning elsewhere (e.g. line192), given this has gone from signed to unsigned...

Copy link
Member

@LordAro LordAro Apr 14, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, shouldn't this be unsigned long instead of size_t ? They're not necessarily the same...

Copy link
Contributor

@nielsmh nielsmh Feb 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the entire SDT_INTLIST handling might just as well be changed to only do unsigned. As far as I can tell no uses of it need signed values anyway.

if (p == end) return -1; // invalid character (not a number)
if (sizeof(int) < sizeof(long)) v = ClampToI32(v);
Copy link
Member

@LordAro LordAro Apr 14, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm yes, bit weird to be removing this. Perhaps it should be added to StringToVal?
Condition could probably be sanely removed though..

@stale
Copy link

@stale stale bot commented May 14, 2019

This pull request has been automatically marked as stale because it has not had any activity in the last month.
Please feel free to give a status update now, ping for review, or re-open when it's ready.
It will be closed if no further activity occurs within 7 days.
Thank you for your contributions.

@stale stale bot added the stale label May 14, 2019
@LordAro LordAro added this to the 1.10.0 milestone Nov 23, 2019
@nielsmh
Copy link
Contributor

@nielsmh nielsmh commented Feb 6, 2020

I made a template out of ParseIntList since it was being used with two different array types, and changed it to be uinsigned almost all the way through. I don't think there's any cases where it's used with signed values, so that's probably safer regardless. Overall, this should have less weird casting and have less potential UB.

@nielsmh nielsmh requested a review from LordAro Feb 6, 2020
LordAro
LordAro approved these changes Feb 6, 2020
@LordAro LordAro merged commit 1072837 into OpenTTD:master Feb 6, 2020
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants