Skip to content

G
git

李少辉-开发者 / git
与 Fork 源项目一致

从无法访问的项目Fork

通知 2
Star 1
Fork 0
G
git

体验新版 GitCode,发现更多精彩内容 >>

提交 b308bf18 编写于 作者: J Junio C Hamano
浏览文件
操作

Merge branch 'maint' 

* maint:
  compat: helper for detecting unsigned overflow
上级 1a9fe453 1368f650
隐藏空白更改
内联 并排
Showing with 11 addition and 4 deletion
git-compat-util.h
浏览文件 @ b308bf18
...@@ -31,6 +31,9 @@ ...@@ -31,6 +31,9 @@
#define maximum_signed_value_of_type(a) \ #define maximum_signed_value_of_type(a) \
(INTMAX_MAX >> (bitsizeof(intmax_t) - bitsizeof(a))) (INTMAX_MAX >> (bitsizeof(intmax_t) - bitsizeof(a)))
#define maximum_unsigned_value_of_type(a) \
(UINTMAX_MAX >> (bitsizeof(uintmax_t) - bitsizeof(a)))
/* /*
* Signed integer overflow is undefined in C, so here's a helper macro * Signed integer overflow is undefined in C, so here's a helper macro
* to detect if the sum of two integers will overflow. * to detect if the sum of two integers will overflow.
...@@ -40,6 +43,9 @@ ...@@ -40,6 +43,9 @@
#define signed_add_overflows(a, b) \ #define signed_add_overflows(a, b) \
((b) > maximum_signed_value_of_type(a) - (a)) ((b) > maximum_signed_value_of_type(a) - (a))
#define unsigned_add_overflows(a, b) \
((b) > maximum_unsigned_value_of_type(a) - (a))
#ifdef __GNUC__ #ifdef __GNUC__
#define TYPEOF(x) (__typeof__(x)) #define TYPEOF(x) (__typeof__(x))
#else #else
......
patch-delta.c
浏览文件 @ b308bf18
...@@ -48,7 +48,7 @@ void *patch_delta(const void *src_buf, unsigned long src_size, ...@@ -48,7 +48,7 @@ void *patch_delta(const void *src_buf, unsigned long src_size,
if (cmd & 0x20) cp_size |= (*data++ << 8); if (cmd & 0x20) cp_size |= (*data++ << 8);
if (cmd & 0x40) cp_size |= (*data++ << 16); if (cmd & 0x40) cp_size |= (*data++ << 16);
if (cp_size == 0) cp_size = 0x10000; if (cp_size == 0) cp_size = 0x10000;
if (cp_off + cp_size < cp_size || if (unsigned_add_overflows(cp_off, cp_size) ||
cp_off + cp_size > src_size || cp_off + cp_size > src_size ||
cp_size > size) cp_size > size)
break; break;
......
strbuf.c
浏览文件 @ b308bf18
...@@ -63,7 +63,8 @@ void strbuf_attach(struct strbuf *sb, void *buf, size_t len, size_t alloc) ...@@ -63,7 +63,8 @@ void strbuf_attach(struct strbuf *sb, void *buf, size_t len, size_t alloc)
void strbuf_grow(struct strbuf *sb, size_t extra) void strbuf_grow(struct strbuf *sb, size_t extra)
{ {
if (sb->len + extra + 1 <= sb->len) if (unsigned_add_overflows(extra, 1) ||
unsigned_add_overflows(sb->len, extra + 1))
die("you want to use way too much memory"); die("you want to use way too much memory");
if (!sb->alloc) if (!sb->alloc)
sb->buf = NULL; sb->buf = NULL;
...@@ -152,7 +153,7 @@ int strbuf_cmp(const struct strbuf *a, const struct strbuf *b) ...@@ -152,7 +153,7 @@ int strbuf_cmp(const struct strbuf *a, const struct strbuf *b)
void strbuf_splice(struct strbuf *sb, size_t pos, size_t len, void strbuf_splice(struct strbuf *sb, size_t pos, size_t len,
const void *data, size_t dlen) const void *data, size_t dlen)
{ {
if (pos + len < pos) if (unsigned_add_overflows(pos, len))
die("you want to use way too much memory"); die("you want to use way too much memory");
if (pos > sb->len) if (pos > sb->len)
die("`pos' is too far after the end of the buffer"); die("`pos' is too far after the end of the buffer");
......
wrapper.c
浏览文件 @ b308bf18
...@@ -53,7 +53,7 @@ void *xmalloc(size_t size) ...@@ -53,7 +53,7 @@ void *xmalloc(size_t size)
void *xmallocz(size_t size) void *xmallocz(size_t size)
{ {
void *ret; void *ret;
if (size + 1 < size) if (unsigned_add_overflows(size, 1))
die("Data too large to fit into virtual memory space."); die("Data too large to fit into virtual memory space.");
ret = xmalloc(size + 1); ret = xmalloc(size + 1);
((char*)ret)[size] = 0; ((char*)ret)[size] = 0;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册