[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 17/17] diff: add integer overflow checking
From: |
Paul Eggert |
Subject: |
[PATCH 17/17] diff: add integer overflow checking |
Date: |
Sun, 22 Aug 2021 14:03:06 -0700 |
* src/diff.c (option_list, main): Check for integer overflow
in some unlikely and hard-to-test cases.
---
src/diff.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/diff.c b/src/diff.c
index 36cc76a..a4e5538 100644
--- a/src/diff.c
+++ b/src/diff.c
@@ -245,7 +245,11 @@ option_list (char **optionvec, int count)
char *p;
for (i = 0; i < count; i++)
- size += 1 + shell_quote_length (optionvec[i]);
+ {
+ size_t optsize = 1 + shell_quote_length (optionvec[i]);
+ if (INT_ADD_WRAPV (optsize, size, &size))
+ xalloc_die ();
+ }
p = result = xmalloc (size);
@@ -402,8 +406,13 @@ main (int argc, char **argv)
"%>"
"#endif /* @ */\n");
- char *b = xmalloc (sizeof C_ifdef_group_formats
- + 7 * strlen (optarg) - 7 /* 7*"@" */);
+ size_t alloc = strlen (optarg);
+ if (INT_MULTIPLY_WRAPV (alloc, 7, &alloc)
+ || INT_ADD_WRAPV (alloc,
+ sizeof C_ifdef_group_formats - 7 /* 7*"@" */,
+ &alloc))
+ xalloc_die ();
+ char *b = xmalloc (alloc);
char *base = b;
int changes = 0;
--
2.31.1
- [PATCH 06/17] maint: omit unused function if not debugging, (continued)
- [PATCH 06/17] maint: omit unused function if not debugging, Paul Eggert, 2021/08/22
- [PATCH 12/17] diff3: simplify process_diff, Paul Eggert, 2021/08/22
- [PATCH 09/17] diff: remove printint, Paul Eggert, 2021/08/22
- [PATCH 14/17] diff: use mempcpy, Paul Eggert, 2021/08/22
- [PATCH 08/17] diff: remove INT_MAX limit on -F/-p searches, Paul Eggert, 2021/08/22
- [PATCH 03/17] diff3: suppress -fanalyzer alarms, Paul Eggert, 2021/08/22
- [PATCH 16/17] maint: refactor integer overflow checking, Paul Eggert, 2021/08/22
- [PATCH 04/17] maint: zalloc → xzalloc, Paul Eggert, 2021/08/22
- [PATCH 13/17] sdiff: fix unlikely memory leak, Paul Eggert, 2021/08/22
- [PATCH 02/17] maint: remove January workaround for Gnulib issue, Paul Eggert, 2021/08/22
- [PATCH 17/17] diff: add integer overflow checking,
Paul Eggert <=
- [PATCH 10/17] maint: lint → GCC_LINT, Paul Eggert, 2021/08/22
- [PATCH 05/17] maint: remove prepargs, Paul Eggert, 2021/08/22
- [PATCH 07/17] maint: .gitignore updates, Paul Eggert, 2021/08/22
- [PATCH 11/17] maint: modernize IF_LINT for GCC 11.2.1, Paul Eggert, 2021/08/22
- [PATCH 15/17] diff: avoid sprintf %s, Paul Eggert, 2021/08/22