Skip to content

M
mruby
Commit 48f36d3f authored by Yukihiro "Matz" Matsumoto's avatar Yukihiro "Matz" Matsumoto
Browse files
Options

better integer size assertion suggested by usak

parent 83c1399a
Hide whitespace changes
Inline Side-by-side
Showing with 27 additions and 27 deletions
include/mruby.h
View file @ 48f36d3f
......@@ -415,8 +415,10 @@ void* mrb_alloca(mrb_state *mrb, size_t);
#ifdef MRB_DEBUG
#include <assert.h>
#define mrb_assert(p) assert(p)
#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && ((sizeof(n)<=sizeof(t2))||(n<=(t1)(max))))
#else
#define mrb_assert(p) ((void)0)
#define mrb_assert_int_fit(t1,n,t2,max) ((void)0)
#endif
#if defined(__cplusplus)
......
src/codegen.c
View file @ 48f36d3f
......@@ -719,7 +719,7 @@ attrsym(codegen_scope *s, mrb_sym a)
+ 1 /* '=' */
+ 1 /* '\0' */
);
mrb_assert(len > 0);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
memcpy(name2, name, (size_t)len);
name2[len] = '=';
name2[len+1] = '\0';
......
src/dump.c
View file @ 48f36d3f
......@@ -89,7 +89,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
str = mrb_fixnum_to_str(mrb, irep->pool[pool_no], 10);
{
mrb_int len = RSTRING_LEN(str);
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;
......@@ -98,7 +98,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
{
int len;
len = mrb_float_to_str(buf, mrb_float(irep->pool[pool_no]));
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;
......@@ -106,7 +106,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
case MRB_TT_STRING:
{
mrb_int len = RSTRING_LEN(irep->pool[pool_no]);
mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
size += (size_t)len;
}
break;
......@@ -142,9 +142,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
char_ptr = RSTRING_PTR(str);
{
mrb_int tlen;
tlen = RSTRING_LEN(str);
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
break;
......@@ -154,8 +154,7 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
{
int tlen;
tlen = mrb_float_to_str(char_buf, mrb_float(irep->pool[pool_no]));
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
char_ptr = &char_buf[0];
......@@ -166,9 +165,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
char_ptr = RSTRING_PTR(irep->pool[pool_no]);
{
mrb_int tlen;
tlen = RSTRING_LEN(irep->pool[pool_no]);
mrb_assert(tlen >= 0);
mrb_assert(tlen <= INT16_MAX);
mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
len = (uint16_t)tlen;
}
break;
......@@ -222,7 +221,7 @@ write_syms_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
name = mrb_sym2name_len(mrb, irep->syms[sym_no], &len);
mrb_assert(len <= UINT16_MAX);
mrb_assert_int_fit(mrb_int, len, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)len, cur); /* length of symbol name */
memcpy(cur, name, len); /* symbol name */
cur += (uint16_t)len;
......@@ -315,7 +314,8 @@ write_section_irep_header(mrb_state *mrb, size_t section_size, uint8_t *bin)
struct rite_section_irep_header *header = (struct rite_section_irep_header*)bin;
memcpy(header->section_identify, RITE_SECTION_IREP_IDENTIFIER, sizeof(header->section_identify));
mrb_assert(section_size <= UINT32_MAX);
mrb_assert_int_fit(size_t, section_size, uint32_t, UINT32_MAX);
uint32_to_bin((uint32_t)section_size, header->section_size);
memcpy(header->rite_version, RITE_VM_VER, sizeof(header->rite_version));
......@@ -392,7 +392,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
} else {
filename_len = 0;
}
mrb_assert(filename_len <= UINT16_MAX);
mrb_assert_int_fit(size_t, filename_len, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)filename_len, cur); /* filename size */
if (filename_len) {
......@@ -401,7 +401,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
}
if (irep->lines) {
mrb_assert(irep->ilen <= UINT32_MAX);
mrb_assert_int_fit(size_t, irep->ilen, uint32_t, UINT32_MAX);
cur += uint32_to_bin((uint32_t)(irep->ilen), cur); /* niseq */
for (iseq_no = 0; iseq_no < irep->ilen; iseq_no++) {
cur += uint16_to_bin(irep->lines[iseq_no], cur); /* opcode */
......@@ -412,12 +412,11 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
}
diff = cur - bin;
mrb_assert(diff >= 0);
mrb_assert((uint32_t)diff <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);
uint32_to_bin((uint32_t)diff, bin); /* record size */
mrb_assert((size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
return (size_t)diff;
}
......@@ -565,8 +564,7 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
/* filename index */
filename_idx = find_filename_index(filenames, filenames_len,
file->filename_sym);
mrb_assert(filename_idx >= 0);
mrb_assert(filename_idx <= UINT16_MAX);
mrb_assert_int_fit(int, filename_idx, uint16_t, UINT16_MAX);
cur += uint16_to_bin((uint16_t)filename_idx, cur);
/* lines */
......@@ -593,10 +591,10 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
}
ret = cur - bin;
mrb_assert(ret >= 0 && (uint32_t)ret <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, ret, uint32_t, UINT32_MAX);
uint32_to_bin(ret, bin);
mrb_assert(ret >= 0 && (size_t)ret <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, ret, size_t, SIZE_MAX);
return (size_t)ret;
}
......
src/load.c
View file @ 48f36d3f
......@@ -156,7 +156,7 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool all
irep->reps = (mrb_irep**)mrb_malloc(mrb, sizeof(mrb_irep*)*irep->rlen);
diff = src - bin;
mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
*len = (size_t)diff;
return irep;
......@@ -333,7 +333,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
}
diff = bin - start;
mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
if (record_size != (size_t)diff) {
return MRB_DUMP_GENERAL_FAILURE;
......@@ -349,7 +349,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
}
diff = bin - start;
mrb_assert(diff >=0 && (size_t)diff <= SIZE_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
*record_len = (size_t)diff;
return MRB_DUMP_OK;
......@@ -391,7 +391,7 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo
bin += len;
diff = bin - start;
mrb_assert(diff >= 0 && (size_t)diff <= UINT32_MAX);
mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
if ((uint32_t)diff != bin_to_uint32(header->section_size)) {
result = MRB_DUMP_GENERAL_FAILURE;
}
......
src/string.c
View file @ 48f36d3f
......@@ -272,7 +272,7 @@ str_buf_cat(mrb_state *mrb, struct RString *s, const char *ptr, size_t len)
ptr = STR_PTR(s) + off;
}
memcpy(STR_PTR(s) + STR_LEN(s), ptr, len);
mrb_assert(total <= MRB_INT_MAX);
mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX);
STR_SET_LEN(s, total);
STR_PTR(s)[total] = '\0'; /* sentinel */
}
......
src/symbol.c
View file @ 48f36d3f
......@@ -401,7 +401,7 @@ sym_inspect(mrb_state *mrb, mrb_value sym)
sp = RSTRING_PTR(str);
RSTRING_PTR(str)[0] = ':';
memcpy(sp+1, name, len);
mrb_assert(len > 0 && (size_t)len <= SIZE_MAX);
mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
if (!symname_p(name) || strlen(name) != (size_t)len) {
str = mrb_str_dump(mrb, str);
sp = RSTRING_PTR(str);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment