better integer size assertion suggested by usak
matz committed Apr 24, 2014
1 parent 83c1399 commit 48f36d3
Showing 6 changed files with 27 additions and 27 deletions.
2 changes: 2 additions & 0 deletions include/mruby.h
Expand Up @@ -415,8 +415,10 @@ void* mrb_alloca(mrb_state *mrb, size_t);
#ifdef MRB_DEBUG
#include <assert.h>
#define mrb_assert(p) assert(p)
#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && ((sizeof(n)<=sizeof(t2))||(n<=(t1)(max))))
#else
#define mrb_assert(p) ((void)0)
#define mrb_assert_int_fit(t1,n,t2,max) ((void)0)
#endif

#if defined(__cplusplus)
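Review bot: The `sizeof(n)<=sizeof(t2)` short-circuit in `mrb_assert_int_fit` makes the range check vacuous whenever the destination type is at least as wide as the source, even when the destination is signed and the source unsigned — the src/string.c call `mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX)` would then never evaluate `total <= MRB_INT_MAX` on a build where mrb_int is as wide as size_t. The macro also uses `n` unparenthesized in the last comparison, and `(n)>=0` on an unsigned argument (the size_t callers) draws a "comparison always true" warning under -Wtype-limits. Because `(n)>=0` is established first, comparing through `uintmax_t` removes both the shortcut and the `(t1)(max)` cast the shortcut was protecting: `#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && (uintmax_t)(n) <= (uintmax_t)(max))`, keeping the four-parameter signature so no call site changes. This assumes `<stdint.h>` is reachable from this header, which the hunk does not show.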
2 changes: 1 addition & 1 deletion src/codegen.c
Expand Up @@ -719,7 +719,7 @@ attrsym(codegen_scope *s, mrb_sym a)
+ 1 /* '=' */
+ 1 /* '\0' */
);
mrb_assert(len > 0);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
memcpy(name2, name, (size_t)len);
name2[len] = '=';
name2[len+1] = '\0';
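Review bot: The replacement after the closing `);` weakens the check: the old `mrb_assert(len > 0)` rejected a zero-length name, while `mrb_assert_int_fit` only requires `len >= 0`, so an empty name now passes and `name2[len] = '='` writes the `=` at index 0 with nothing before it. If attrsym genuinely never sees an empty name, keep the stronger condition alongside the new one: `mrb_assert(len > 0);`. The same weakening occurs in src/symbol.c (sym_inspect), whose old assertion also required `len > 0`. attrsym's body starts before this hunk, so where `len` is computed is not visible here.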
38 changes: 18 additions & 20 deletions src/dump.c
Expand Up @@ -89,7 +89,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
str = mrb_fixnum_to_str(mrb, irep->pool[pool_no], 10);
{
mrb_int len = RSTRING_LEN(str);
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;
Expand All @@ -98,15 +98,15 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
{
int len;
len = mrb_float_to_str(buf, mrb_float(irep->pool[pool_no]));
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;

case MRB_TT_STRING:
{
mrb_int len = RSTRING_LEN(irep->pool[pool_no]);
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;
Expand Down Expand Up @@ -142,9 +142,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
char_ptr = RSTRING_PTR(str);
{
mrb_int tlen;

tlen = RSTRING_LEN(str);
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
break;
Expand All @@ -154,8 +154,7 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
{
int tlen;
tlen = mrb_float_to_str(char_buf, mrb_float(irep->pool[pool_no]));
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
char_ptr = &char_buf[0];
Expand All @@ -166,9 +165,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
char_ptr = RSTRING_PTR(irep->pool[pool_no]);
{
mrb_int tlen;

tlen = RSTRING_LEN(irep->pool[pool_no]);
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
break;
Expand Down Expand Up @@ -222,7 +221,7 @@ write_syms_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)

name = mrb_sym2name_len(mrb, irep->syms[sym_no], &len);

mrb_assert(len <= UINT16_MAX);
mrb_assert_int_fit(mrb_int, len, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)len, cur); /* length of symbol name */
memcpy(cur, name, len); /* symbol name */
cur += (uint16_t)len;
Expand Down Expand Up @@ -315,7 +314,8 @@ write_section_irep_header(mrb_state *mrb, size_t section_size, uint8_t *bin)
struct rite_section_irep_header *header = (struct rite_section_irep_header*)bin;

memcpy(header->section_identify, RITE_SECTION_IREP_IDENTIFIER, sizeof(header->section_identify));
mrb_assert(section_size <= UINT32_MAX);

mrb_assert_int_fit(size_t, section_size, uint32_t, UINT32_MAX);
uint32_to_bin((uint32_t)section_size, header->section_size);
memcpy(header->rite_version, RITE_VM_VER, sizeof(header->rite_version));

Expand Down Expand Up @@ -392,7 +392,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
} else {
filename_len = 0;
}
mrb_assert(filename_len <= UINT16_MAX);
mrb_assert_int_fit(size_t, filename_len, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)filename_len, cur); /* filename size */

if (filename_len) {
Expand All @@ -401,7 +401,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
}

if (irep->lines) {
mrb_assert(irep->ilen <= UINT32_MAX);
mrb_assert_int_fit(size_t, irep->ilen, uint32_t, UINT32_MAX);
cur += uint32_to_bin((uint32_t)(irep->ilen), cur); /* niseq */
for (iseq_no = 0; iseq_no < irep->ilen; iseq_no++) {
cur += uint16_to_bin(irep->lines[iseq_no], cur); /* opcode */
Expand All @@ -412,12 +412,11 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
}

diff = cur - bin;
mrb_assert(diff >= 0);
mrb_assert((uint32_t)diff <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);

uint32_to_bin((uint32_t)diff, bin); /* record size */

mrb_assert((size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
return (size_t)diff;
}

Expand Down Expand Up @@ -565,8 +564,7 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
/* filename index */
filename_idx = find_filename_index(filenames, filenames_len,
file->filename_sym);
mrb_assert(filename_idx >= 0);
mrb_assert(filename_idx <= UINT16_MAX);
mrb_assert_int_fit(int, filename_idx, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)filename_idx, cur);

/* lines */
Expand All @@ -593,10 +591,10 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
}

ret = cur - bin;
mrb_assert(ret >= 0 && (uint32_t)ret <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, ret, uint32_t, UINT32_MAX);
uint32_to_bin(ret, bin);

mrb_assert(ret >= 0 && (size_t)ret <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, ret, size_t, SIZE_MAX);
return (size_t)ret;
}

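Review bot: In get_pool_block_size's float case, `len` is declared `int` two lines above the assertion, but the new macro call passes `mrb_int` as its source type: `mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);`. The write_pool_block float case later in this file passes `int` for the same `mrb_float_to_str` result, so this hunk should match it: `mrb_assert_int_fit(int, len, size_t, SIZE_MAX);`. The mismatch is harmless today only because the macro's `sizeof` shortcut never reaches the `(t1)(max)` cast for an `int` source; if that shortcut is ever removed, `(mrb_int)SIZE_MAX` may not be representable on a build with a 32-bit mrb_int and the comparison would become misleading. Separately, the write_debug_record_1 hunk passes `ret` to `uint32_to_bin` without the `(uint32_t)` cast that write_lineno_record_1 applies to `diff`, which is inconsistent within the file and trips -Wconversion.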
8 changes: 4 additions & 4 deletions src/load.c
Expand Up @@ -156,7 +156,7 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool all
irep->reps = (mrb_irep**)mrb_malloc(mrb, sizeof(mrb_irep*)*irep->rlen);

diff = src - bin;
mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
*len = (size_t)diff;

return irep;
Expand Down Expand Up @@ -333,7 +333,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
}

diff = bin - start;
mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);

if (record_size != (size_t)diff) {
return MRB_DUMP_GENERAL_FAILURE;
Expand All @@ -349,7 +349,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
}

diff = bin - start;
mrb_assert(diff >=0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
*record_len = (size_t)diff;

return MRB_DUMP_OK;
Expand Down Expand Up @@ -391,7 +391,7 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo

bin += len;
diff = bin - start;
mrb_assert(diff >= 0 && (size_t)diff <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
if ((uint32_t)diff != bin_to_uint32(header->section_size)) {
result = MRB_DUMP_GENERAL_FAILURE;
}
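Review bot: The read_section_debug hunk drops the bound the next line depends on: the old assertion required `(size_t)diff <= UINT32_MAX`, the new one only checks fit in `size_t`, yet the following line still truncates with `(uint32_t)diff` before comparing against `bin_to_uint32(header->section_size)`. It should be `mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);` so the asserted range matches the cast, as the other hunks in this file do for their `size_t` casts. Note that with the non-MRB_DEBUG definition in include/mruby.h the macro expands to `((void)0)`, so none of these assertions validate the loaded image at runtime; the `!=` comparison on the next line remains the only check, and a `diff` above UINT32_MAX would be silently truncated before it.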
2 changes: 1 addition & 1 deletion src/string.c
Expand Up @@ -272,7 +272,7 @@ str_buf_cat(mrb_state *mrb, struct RString *s, const char *ptr, size_t len)
ptr = STR_PTR(s) + off;
}
memcpy(STR_PTR(s) + STR_LEN(s), ptr, len);
mrb_assert(total <= MRB_INT_MAX);
mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX);
STR_SET_LEN(s, total);
STR_PTR(s)[total] = '\0'; /* sentinel */
}
2 changes: 1 addition & 1 deletion src/symbol.c
Expand Up @@ -401,7 +401,7 @@ sym_inspect(mrb_state *mrb, mrb_value sym)
sp = RSTRING_PTR(str);
RSTRING_PTR(str)[0] = ':';
memcpy(sp+1, name, len);
mrb_assert(len > 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
if (!symname_p(name) || strlen(name) != (size_t)len) {
str = mrb_str_dump(mrb, str);
sp = RSTRING_PTR(str);
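Review bot: The new assertion on `len` sits after `memcpy(sp+1, name, len)` has already used `len` as a size, so it cannot guard that copy; in an MRB_DEBUG build the memcpy would run with a negative `len` (converted to a huge size_t) before the assert fires. Move it above the copy: `mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);` immediately before `memcpy(sp+1, name, len);`. sym_inspect begins before this hunk, so where `len` and `str` are sized is not visible here.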
