From 066c6de79e03a54966cffc83aca0a724155005f2 Mon Sep 17 00:00:00 2001
From: Björn Svensson
Date: Mon, 31 Jan 2022 10:43:16 +0100
Subject: Use size_t/long to avoid truncation

Equivalent changes introduced to redis sds.c via:
https://github.com/redis/redis/pull/4568
---
 sds.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sds.c b/sds.c
index 35baa05..d386140 100644
--- a/sds.c
+++ b/sds.c
@@ -174,7 +174,7 @@ void sdsfree(sds s) {
 * the output will be "6" as the string was modified but the logical length
 * remains 6 bytes. */
 void sdsupdatelen(sds s) {
- int reallen = strlen(s);
+ size_t reallen = strlen(s);
 sdssetlen(s, reallen);
 }
@@ -580,7 +580,7 @@ sds sdscatprintf(sds s, const char *fmt, ...) {
 */
 sds sdscatfmt(sds s, char const *fmt, ...) {
 const char *f = fmt;
- int i;
+ long i;
 va_list ap;
 va_start(ap,fmt);
@@ -755,14 +755,14 @@ int sdsrange(sds s, ssize_t start, ssize_t end) {
 /* Apply tolower() to every character of the sds string 's'. */
 void sdstolower(sds s) {
- int len = sdslen(s), j;
+ size_t len = sdslen(s), j;
 for (j = 0; j < len; j++) s[j] = tolower(s[j]);
 }
 /* Apply toupper() to every character of the sds string 's'. */
 void sdstoupper(sds s) {
- int len = sdslen(s), j;
+ size_t len = sdslen(s), j;
 for (j = 0; j < len; j++) s[j] = toupper(s[j]);
 }
--
cgit v1.2.3

From 64062a1d40f558e0892ed0a7566d389c4e6eb904 Mon Sep 17 00:00:00 2001
From: Björn Svensson
Date: Tue, 1 Feb 2022 14:48:42 +0100
Subject: Catch size_t overflows in sds.c

Equivalent changes introduced to redis sds.c via:
https://github.com/redis/redis/pull/8522
https://github.com/redis/redis/pull/9584
---
 sds.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/sds.c b/sds.c
index d386140..01b00f3 100644
--- a/sds.c
+++ b/sds.c
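Review bot: `long i;` in the sdscatfmt hunk (@@ -580,7) of the first commit is still 32 bits wide on LLP64 targets such as 64-bit Windows, so a value above 2 GiB would truncate there just as it did with `int`. The uses of `i` lie outside the hunk, so this assumes it holds a length or offset into `s`; if it does, `size_t i;` would match the other declarations this commit changes, provided nothing in the body relies on `i` being signed. The body of sdscatfmt continues outside the hunk.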
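Review bot: In the @@ -755,14 hunk of the first commit, `tolower(s[j])` and `toupper(s[j])` still receive a plain `char`, which is undefined behaviour for bytes above 0x7f wherever `char` is signed; widening `len` and `j` to `size_t` does not change that. Cast at the call site: `s[j] = tolower((unsigned char)s[j]);` in sdstolower and `s[j] = toupper((unsigned char)s[j]);` in sdstoupper. This matters most when the string content comes from outside the process, since such bytes then reach the ctype lookup unchecked.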
@@ -90,6 +90,7 @@ sds sdsnewlen(const void *init, size_t initlen) {
 int hdrlen = sdsHdrSize(type);
 unsigned char *fp; /* flags pointer. */
+ assert(initlen + hdrlen + 1 > initlen); /* Catch size_t overflow */
 sh = s_malloc(hdrlen+initlen+1);
 if (sh == NULL) return NULL;
 if (!init)
@@ -196,7 +197,7 @@ void sdsclear(sds s) {
 sds sdsMakeRoomFor(sds s, size_t addlen) {
 void *sh, *newsh;
 size_t avail = sdsavail(s);
- size_t len, newlen;
+ size_t len, newlen, reqlen;
 char type, oldtype = s[-1] & SDS_TYPE_MASK;
 int hdrlen;
@@ -205,7 +206,8 @@ sds sdsMakeRoomFor(sds s, size_t addlen) {
 len = sdslen(s);
 sh = (char*)s-sdsHdrSize(oldtype);
- newlen = (len+addlen);
+ reqlen = newlen = (len+addlen);
+ assert(newlen > len); /* Catch size_t overflow */
 if (newlen < SDS_MAX_PREALLOC)
 newlen *= 2;
 else
@@ -219,6 +221,7 @@ sds sdsMakeRoomFor(sds s, size_t addlen) {
 if (type == SDS_TYPE_5) type = SDS_TYPE_8;
 hdrlen = sdsHdrSize(type);
+ assert(hdrlen + newlen + 1 > reqlen); /* Catch size_t overflow */
 if (oldtype==type) {
 newsh = s_realloc(sh, hdrlen+newlen+1);
 if (newsh == NULL) return NULL;
--
cgit v1.2.3

From 00b82683bbec3652f836518c30fecdb0f5a3ea62 Mon Sep 17 00:00:00 2001
From: Björn Svensson
Date: Wed, 2 Feb 2022 10:44:52 +0100
Subject: Handle overflows as errors instead of asserting
---
 sds.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sds.c b/sds.c
index 01b00f3..a20ba19 100644
--- a/sds.c
+++ b/sds.c
@@ -90,7 +90,7 @@ sds sdsnewlen(const void *init, size_t initlen) {
 int hdrlen = sdsHdrSize(type);
 unsigned char *fp; /* flags pointer. */
- assert(initlen + hdrlen + 1 > initlen); /* Catch size_t overflow */
+ if (hdrlen+initlen+1 <= initlen) return NULL; /* Catch size_t overflow */
 sh = s_malloc(hdrlen+initlen+1);
 if (sh == NULL) return NULL;
 if (!init)
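Review bot: The overflow path added to sdsnewlen in the third commit (@@ -90,7), like the two added to sdsMakeRoomFor in its @@ -207,7 and @@ -221,7 hunks, returns the same NULL that the visible `if (sh == NULL) return NULL;` line uses for allocation failure, and nothing in these hunks documents the new meaning. A caller that treats NULL as out-of-memory will then misreport an oversized, possibly attacker-influenced length, so the function comments should state both cases, for example `/* Returns NULL on allocation failure or if the requested size overflows size_t. */`. The header comments of both functions are outside the hunks, so check whether they already say this.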
@@ -207,7 +207,7 @@ sds sdsMakeRoomFor(sds s, size_t addlen) {
 len = sdslen(s);
 sh = (char*)s-sdsHdrSize(oldtype);
 reqlen = newlen = (len+addlen);
- assert(newlen > len); /* Catch size_t overflow */
+ if (newlen <= len) return NULL; /* Catch size_t overflow */
 if (newlen < SDS_MAX_PREALLOC)
 newlen *= 2;
 else
@@ -221,7 +221,7 @@ sds sdsMakeRoomFor(sds s, size_t addlen) {
 if (type == SDS_TYPE_5) type = SDS_TYPE_8;
 hdrlen = sdsHdrSize(type);
- assert(hdrlen + newlen + 1 > reqlen); /* Catch size_t overflow */
+ if (hdrlen+newlen+1 <= reqlen) return NULL; /* Catch size_t overflow */
 if (oldtype==type) {
 newsh = s_realloc(sh, hdrlen+newlen+1);
 if (newsh == NULL) return NULL;
--
cgit v1.2.3