Merge pull request #993 from evoskuil/master

Problem: integer narrowing and sign mismatch issues.

foreign/sha1/sha1.c

@@ -243,14 +243,14 @@ sha1_pad(struct sha1_ctxt * ctxt)
 	if (padlen < 8)
 	{
 		memset(&ctxt->m.b8[padstart], 0, padlen);
-		COUNT += padlen;
+		COUNT += (uint8_t) padlen;
 		COUNT %= 64;
 		sha1_step(ctxt);
 		padstart = COUNT % 64;	/* should be 0 */
 		padlen = 64 - padstart; /* should be 64 */
 	}
 	memset(&ctxt->m.b8[padstart], 0, padlen - 8);
-	COUNT += (padlen - 8);
+    COUNT += ((uint8_t) padlen - 8);
 	COUNT %= 64;
 #ifdef WORDS_BIGENDIAN
 	PUTPAD(ctxt->c.b8[0]);
@@ -292,7 +292,7 @@ sha1_loop(struct sha1_ctxt * ctxt, const uint8_t *input0, size_t len)
 
 		copysiz = (gaplen < len - off) ? gaplen : len - off;
 		memmove(&ctxt->m.b8[gapstart], &input[off], copysiz);
-		COUNT += copysiz;
+		COUNT += (uint8_t) copysiz;
 		COUNT %= 64;
 		ctxt->c.b64[0] += copysiz * 8;
 		if (COUNT % 64 == 0)

foreign/slre/slre.c

@@ -404,12 +404,12 @@ slre_compile (struct slre *r, const char *re)
 }
 
 static int
-match (const struct slre *, int, const char *, int, int *, struct cap *);
+match (const struct slre *, int, const char *, size_t, size_t *, struct cap *);
 
 static void
-loop_greedy (const struct slre *r, int pc, const char *s, int len, int *ofs)
+loop_greedy (const struct slre *r, int pc, const char *s, size_t len, size_t *ofs)
 {
-    int saved_offset, matched_offset;
+    size_t saved_offset, matched_offset;
 
     saved_offset = matched_offset = *ofs;
 
@@ -424,9 +424,9 @@ loop_greedy (const struct slre *r, int pc, const char *s, int len, int *ofs)
 }
 
 static void
-loop_non_greedy (const struct slre *r, int pc, const char *s,int len, int *ofs)
+loop_non_greedy (const struct slre *r, int pc, const char *s, size_t len, size_t *ofs)
 {
-    int saved_offset = *ofs;
+    size_t saved_offset = *ofs;
 
     while (match (r, pc + 2, s, len, ofs, NULL)) {
         saved_offset = *ofs;
@@ -438,7 +438,7 @@ loop_non_greedy (const struct slre *r, int pc, const char *s,int len, int *ofs)
 }
 
 static int
-is_any_of (const unsigned char *p, int len, const char *s, int *ofs)
+is_any_of (const unsigned char *p, int len, const char *s, size_t *ofs)
 {
     int i, ch;
 
@@ -454,7 +454,7 @@ is_any_of (const unsigned char *p, int len, const char *s, int *ofs)
 }
 
 static int
-is_any_but (const unsigned char *p, int len, const char *s, int *ofs)
+is_any_but (const unsigned char *p, int len, const char *s, size_t *ofs)
 {
     int i, ch;
 
@@ -469,9 +469,10 @@ is_any_but (const unsigned char *p, int len, const char *s, int *ofs)
 }
 
 static int
-match (const struct slre *r, int pc, const char *s, int len, int *ofs, struct cap *caps)
+match (const struct slre *r, int pc, const char *s, size_t len, size_t *ofs, struct cap *caps)
 {
-    int n, saved_offset, res = 1;
+    int res = 1;
+    size_t n, saved_offset;
 
     while (res && r->code [pc] != END) {
         assert (pc < r->code_size);
@@ -642,14 +643,14 @@ match (const struct slre *r, int pc, const char *s, int len, int *ofs, struct ca
 }
 
 int
-slre_match (const struct slre *r, const char *buf, int len, struct cap *caps)
+slre_match(const struct slre *r, const char *buf, size_t len, struct cap *caps)
 {
-    int ofs = 0;
     int res = 0;
+    size_t ofs = 0;
     if (r->anchored)
         res = match (r, 0, buf, len, &ofs, caps);
     else {
-        int i;
+        size_t i;
         for (i = 0; i < len && res == 0; i++) {
             ofs = i;
             res = match (r, 0, buf, len, &ofs, caps);

foreign/slre/slre.h

@@ -67,7 +67,7 @@ struct slre {
  */
 struct cap {
     const char   *ptr;       /* Pointer to the substring */
-    int          len;        /* Substring length     */
+    size_t        len;       /* Substring length     */
 };
 
 /*
@@ -86,7 +86,7 @@ int slre_compile(struct slre *, const char *re);
  * hold all captures. The caller function must make sure it is! So, the
  * array_size = number_of_round_bracket_pairs + 1
  */
-int slre_match(const struct slre *, const char *buf, int buf_len,
+int slre_match(const struct slre *, const char *buf, size_t buf_len,
     struct cap *captured_substrings);
 
 #endif /* SLRE_HEADER_DEFINED */

include/zgossip.h

@@ -80,11 +80,11 @@ extern "C" {
 //
 //  This is the zgossip constructor as a zactor_fn:
 //
-void
+CZMQ_EXPORT void
     zgossip (zsock_t *pipe, void *args);
 
 //  Self test of this class
-void
+CZMQ_EXPORT void
     zgossip_test (bool verbose);
 //  @end
 

src/zarmour.c

@@ -209,9 +209,9 @@ s_base64_encode (const byte *data, size_t length, const char *alphabet, bool pad
 
 
 static byte *
-s_base64_decode (const char *data, size_t *size, const char *alphabet, int linebreakchars)
+s_base64_decode (const char *data, size_t *size, const char *alphabet, size_t linebreakchars)
 {
-    int length = strlen (data);
+    size_t length = strlen (data);
     while (length > 0 && !strchr (alphabet, data[length - 1])) --length;
     const byte *needle = (const byte *) data, *ceiling = (const byte *) (data + length);
     length -= linebreakchars;
@@ -302,7 +302,7 @@ s_base32_encode (const byte *data, size_t length, const char *alphabet, bool pad
 
 
 static byte *
-s_base32_decode (const char *data, size_t *size, const char *alphabet, int linebreakchars)
+s_base32_decode (const char *data, size_t *size, const char *alphabet, size_t linebreakchars)
 {
     size_t length = strlen (data);
     while (length > 0 && !strchr (alphabet, _UPPER_CASE(data[length - 1]))) --length;
@@ -372,9 +372,9 @@ s_base16_encode (const byte *data, size_t length, const char *alphabet)
 }
 
 static byte *
-s_base16_decode (const char *data, size_t *size, const char *alphabet, int linebreakchars)
+s_base16_decode (const char *data, size_t *size, const char *alphabet, size_t linebreakchars)
 {
-    int length = strlen (data);
+    size_t length = strlen (data);
     const byte *needle = (const byte *) data, *ceiling = (const byte *) (data + length);
     length -= linebreakchars;
     *size = length / 2 + 1;
@@ -418,7 +418,7 @@ s_z85_decode (const char *data, size_t *size)
 {
     assert (data);
     assert (size);
-    int length = strlen (data);
+    size_t length = strlen (data);
     assert (length % 5 == 0);
     *size = 4 * length / 5 + 1;
     byte *bytes = (byte *) zmalloc (*size);
@@ -475,7 +475,7 @@ zarmour_encode (zarmour_t *self, const byte *data, size_t data_size)
     if (self->line_breaks && self->line_length > 0 && strlen (encoded) > self->line_length) {
 #endif
         char *line_end = self->line_end;
-        int nbr_lines = strlen (encoded) / self->line_length;
+        size_t nbr_lines = strlen (encoded) / self->line_length;
         size_t new_length =
             nbr_lines * (self->line_length + strlen (line_end)) +
             strlen (encoded) % self->line_length;
@@ -513,7 +513,7 @@ zarmour_decode (zarmour_t *self, const char *data, size_t *decode_size)
     assert (data);
     assert (decode_size);
 
-    int linebreakchars = 0;
+    size_t linebreakchars = 0;
     char *line_end = self->line_end;
     const char *pos = data;
     while ((pos = strstr (pos, line_end))) {

src/zconfig.c

@@ -173,7 +173,7 @@ zconfig_put (zconfig_t *self, const char *path, const char *value)
 
     //  Check length of next path segment
     const char *slash = strchr (path, '/');
-    int length = strlen (path);
+    size_t length = strlen (path);
     if (slash)
         length = slash - path;
 
@@ -287,7 +287,7 @@ zconfig_locate (zconfig_t *self, const char *path)
     if (*path == '/')
         path++;
     const char *slash = strchr (path, '/');
-    int length = strlen (path);
+    size_t length = strlen (path);
     if (slash)
         length = slash - path;
 
@@ -462,9 +462,12 @@ s_config_printf (zconfig_t *self, void *arg, char *format, ...)
         else
             fprintf ((FILE *) arg, "%s", string);
     }
-    int size = strlen (string);
+    size_t size = strlen (string);
     free (string);
-    return size;
+    if (size > INT_MAX)
+        return -1;
+
+    return (int) size;
 }
 
 
@@ -613,7 +616,7 @@ zconfig_chunk_load (zchunk_t *chunk)
         remaining -= cur_size + (eoln? 1: 0);
 
         //  Trim line
-        int length = strlen (cur_line);
+        size_t length = strlen (cur_line);
         while (length && isspace ((byte) cur_line [length - 1]))
             cur_line [--length] = 0;
 
@@ -674,21 +677,24 @@ zconfig_chunk_load (zchunk_t *chunk)
 }
 
 
-//  Count and verify indentation level, -1 means a syntax error
+//  Count and verify indentation level, -1 means a syntax error or overflow
 
 static int
 s_collect_level (char **start, int lineno)
 {
     char *readptr = *start;
     while (*readptr == ' ')
         readptr++;
-    int level = (readptr - *start) / 4;
+    ptrdiff_t level = (readptr - *start) / 4;
     if (level * 4 != readptr - *start) {
         zclock_log ("E (zconfig): (%d) indent 4 spaces at once", lineno);
         level = -1;
     }
     *start = readptr;
-    return level;
+    if (level > INT_MAX)
+        return -1;
+
+    return (int) level;
 }
 
 //  Collect property name

src/zdir.c

@@ -318,7 +318,7 @@ static int s_file_compare (void *item1, void *item2);
 zfile_t **
 zdir_flatten (zdir_t *self)
 {
-    int flat_size;
+    size_t flat_size;
     if (self)
         flat_size = self->count + 1;
     else

src/zfile.c

@@ -538,7 +538,13 @@ zfile_digest (zfile_t *self)
             zdigest_update (self->digest,
                             zchunk_data (chunk), zchunk_size (chunk));
             zchunk_destroy (&chunk);
-            offset += blocksz;
+
+            //  off_t is defined as long (32 bit on Windows, 64 bit otherwise)
+            //  This guards against overflow in both contexts.
+            if (blocksz > LONG_MAX - offset)
+                return NULL;
+
+            offset += (off_t) blocksz;
             chunk = zfile_read (self, blocksz, offset);
         }
         zchunk_destroy (&chunk);

src/zgossip_engine.inc

@@ -821,7 +821,7 @@ s_server_handle_pipe (zloop_t *loop, zsock_t *reader, void *argument)
         zconfig_put (self->config, path, value);
         if (streq (path, "server/animate")) {
             zsys_warning ("'%s' is deprecated, use VERBOSE command instead", path);
-            self->verbose = atoi (value);
+            self->verbose = atoi (value) != 0;
         }
         s_server_config_global (self);
         free (path);

src/zgossip_msg.c

@@ -155,7 +155,7 @@ struct _zgossip_msg_t {
 //  Put a string to the frame
 #define PUT_STRING(host) { \
     size_t string_size = strlen (host); \
-    PUT_NUMBER1 (string_size); \
+    PUT_NUMBER1 ((byte) string_size); \
     memcpy (self->needle, (host), string_size); \
     self->needle += string_size; \
 }

src/zhash.c

@@ -36,7 +36,7 @@
 typedef struct _item_t {
     void *value;                //  Opaque item value
     struct _item_t *next;       //  Next item in the hash slot
-    qbyte index;                //  Index of item in table
+    size_t index;               //  Index of item in table
     char *key;                  //  Item's original key
     zhash_free_fn *free_fn;     //  Value free function if any
 } item_t;
@@ -703,7 +703,8 @@ zhash_pack (zhash_t *self)
             needle += strlen ((char *) item->key);
 
             //  Store value as longstr
-            *(uint32_t *) needle = htonl (strlen ((char *) item->value));
+            size_t length = strlen ((char *) item->value);
+            *(uint32_t *) needle = htonl ((u_long) length);
             needle += 4;
             memcpy (needle, (char *) item->value, strlen ((char *) item->value));
             needle += strlen ((char *) item->value);

src/zhashx.c

@@ -42,7 +42,7 @@
 typedef struct _item_t {
     void *value;                //  Opaque item value
     struct _item_t *next;       //  Next item in the hash slot
-    qbyte index;                //  Index of item in table
+    size_t index;               //  Index of item in table
     const void *key;            //  Item's original key
     //  Supporting deprecated v2 functionality; we can't quite replace
     //  this with strdup/zstr_free as zhashx_insert also uses autofree.
@@ -824,7 +824,7 @@ zhashx_pack (zhashx_t *self)
         return NULL;
     byte *needle = zframe_data (frame);
     //  Store size as number-4
-    *(uint32_t *) needle = htonl ((uint32_t) self->size);
+    *(uint32_t *) needle = htonl ((u_long) self->size);
     needle += 4;
     for (index = 0; index < limit; index++) {
         item_t *item = self->items [index];
@@ -835,7 +835,8 @@ zhashx_pack (zhashx_t *self)
             needle += strlen ((char *) item->key);
 
             //  Store value as longstr
-            *(uint32_t *) needle = htonl (strlen ((char *) item->value));
+            size_t lenth = strlen ((char *) item->value);
+            *(uint32_t *) needle = htonl ((u_long) lenth);
             needle += 4;
             memcpy (needle, (char *) item->value, strlen ((char *) item->value));
             needle += strlen ((char *) item->value);

src/zlist.c

@@ -390,14 +390,14 @@ zlist_sort (zlist_t *self, zlist_compare_fn *compare)
         compare = self->compare_fn;
     //  Uses a comb sort, which is simple and reasonably fast.
     //  See http://en.wikipedia.org/wiki/Comb_sort
-    int gap = self->size;
+    size_t gap = self->size;
     bool swapped = false;
     while (gap > 1 || swapped) {
         if (gap > 1)
-            gap = (int) ((double) gap / 1.3);
+            gap = (size_t) ((double) gap / 1.3);
         node_t *base = self->head;
         node_t *test = self->head;
-        int jump = gap;
+        size_t jump = gap;
         while (jump--)
             test = test->next;
 

src/zlistx.c

@@ -449,13 +449,13 @@ zlistx_sort (zlistx_t *self)
     //  Uses a comb sort, which is simple and reasonably fast
     //  See http://en.wikipedia.org/wiki/Comb_sort
     assert (self);
-    int gap = self->size;
+    size_t gap = self->size;
     bool swapped = false;
     while (gap > 1 || swapped) {
-        gap = (int) ((double) gap / 1.3);
+        gap = (size_t) ((double) gap / 1.3);
         node_t *base = self->head->next;
         node_t *test = self->head->next;
-        int jump = gap;
+        size_t jump = gap;
         while (jump--)
             test = test->next;