author | Michael Stone <michael@laptop.org> | 2008-01-25 08:41:37 (GMT) |
---|---|---|
committer | Michael Stone <michael@laptop.org> | 2008-01-25 08:41:37 (GMT) |
commit | 5426c37456b3e12105ed46713e544d0aea81b392 (patch) | |
tree | 68db5530d7397929bf8df5df78da57bb63e85b2e | |
parent | 9c373de91bc963e1ff675e12ef5201b31193407f (diff) |
Detect or avoid integer overflow in string formatting helpers.
-rw-r--r-- | nss-rainbow.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/nss-rainbow.c b/nss-rainbow.c
index 533ca88..c108799 100644
--- a/nss-rainbow.c
+++ b/nss-rainbow.c
@@ -51,7 +51,8 @@ int write_buf(char** buf, size_t * buflen, const char* val)
 * *buf and val should not overlap.
 */
- size_t copy_amt = strlen(val) + 1;
+ LET(size_t copy_amt = strlen(val) + 1, copy_amt == 0,
+ "Integer overflow.", out_err_overflow);
 if (*buflen < copy_amt)
 goto out_err_range;
@@ -62,6 +63,10 @@ int write_buf(char** buf, size_t * buflen, const char* val)
 *buflen -= copy_amt;
 return 1;
+out_err_overflow:
+ errno = EOVERFLOW;
+ return 0;
+
 out_err_range:
 errno = ERANGE;
 return 0;
@@ -93,13 +98,14 @@ int format_buf(char** buf, size_t* buflen, const char* fmt, ...)
 if (status < 0)
 goto out_err;
- if (safe_buflen < (size_t) status) {
+ size_t written = (size_t) status;
+ if (safe_buflen < written) {
 errno = ERANGE;
 goto out_err;
 }
- *buf += status+1;
- *buflen -= status+1;
+ *buf += written+1;
+ *buflen -= written+1;
 return 1;
 out_err: |
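Review bot: The new guard in write_buf, `copy_amt == 0`, can only fire if strlen(val) returns SIZE_MAX, which no in-memory string can reach, so the overflow branch is effectively unreachable and deserves a one-line comment marking it as purely defensive, e.g. `/* strlen(val) + 1 wraps only at SIZE_MAX; defensive check */`. The out_err_overflow label added in the next hunk sets `errno = EOVERFLOW`, a value callers did not see from this helper before; the function's header comment (it starts above this hunk) should list it next to ERANGE, so that a caller which presumably treats ERANGE as "retry with a larger buffer" does not apply the same handling to it. LET is defined outside the visible diff, so its exact expansion is assumed here.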
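Review bot: The range check `if (safe_buflen < written)` still lets `written == safe_buflen` through, and the subtraction `*buflen -= written+1` that follows is not guarded against `*buflen` itself. If safe_buflen is the size handed to the formatting call (its definition is above this hunk, so this is an assumption), equality means the output was truncated, and when `*buflen` equals `written` the subtraction wraps to a huge size_t, so later calls would believe almost unlimited space remains in the buffer. Comparing against what is actually subtracted closes this: `if (safe_buflen < written || *buflen <= written) {`. format_buf begins and ends outside the hunk.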