git: 5260fbcebdfc - main - fix check for integer
Date: Sun, 30 Jan 2022 16:28:43 UTC
The branch main has been updated by wosch: URL: https://cgit.FreeBSD.org/src/commit/?id=5260fbcebdfcf2c17f9575bfbe9a34c97d56ea0a commit 5260fbcebdfcf2c17f9575bfbe9a34c97d56ea0a Author: Wolfram Schneider <wosch@FreeBSD.org> AuthorDate: 2022-01-30 16:27:27 +0000 Commit: Wolfram Schneider <wosch@FreeBSD.org> CommitDate: 2022-01-30 16:27:27 +0000 fix check for integer For historical reasons, the integer is stored with an offset of plus 14. That means, for a given max path length of 1024 the valid values are -1009 .. 1037 and not -1023 .. 1023 PR: 201243 --- usr.bin/locate/locate/util.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/usr.bin/locate/locate/util.c b/usr.bin/locate/locate/util.c
index ff64b5a952d3..77d8f7e58079 100644
--- a/usr.bin/locate/locate/util.c
+++ b/usr.bin/locate/locate/util.c
@@ -223,16 +223,20 @@ getwm(p)
 } u;
 register int i, hi;
+ /* the integer is stored by an offset of 14 (!!!) */
+ int i_max = MAXPATHLEN + OFFSET;
+ int i_min = -(MAXPATHLEN - OFFSET);
+
 for (i = 0; i < (int)INTSIZE; i++)
 u.buf[i] = *p++;
 i = u.i;
- if (i > MAXPATHLEN || i < -(MAXPATHLEN)) {
+ if (i >= i_max || i <= i_min) {
 hi = ntohl(i);
- if (hi > MAXPATHLEN || hi < -(MAXPATHLEN))
- errx(1, "integer out of +-MAXPATHLEN (%d): %u",
- MAXPATHLEN, abs(i) < abs(hi) ? i : hi);
+ if (hi >= i_max || hi <= i_min)
+ errx(1, "integer out of range: %d < %d < %d",
+ i_min, abs(i) < abs(hi) ? i : hi, i_max);
 return(hi);
 }
 return(i);
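Review bot: In the errx() argument `abs(i) < abs(hi) ? i : hi`, both values come straight from the database bytes, and abs(INT_MIN) is undefined; on a host where ntohl() is a no-op, a stored 0x80000000 fails both range checks and reaches that expression. The process exits at that point anyway, so reporting the raw value avoids the problem: `i_min, i, i_max);`. The same expression appears in the getwf hunk with word/hword. getwm's body starts and ends outside this hunk.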
@@ -251,14 +255,16 @@ getwf(fp)
 FILE *fp;
 {
 register int word, hword;
+ int i_max = MAXPATHLEN + OFFSET;
+ int i_min = -(MAXPATHLEN - OFFSET);
 word = getw(fp);
- if (word > MAXPATHLEN || word < -(MAXPATHLEN)) {
+ if (word >= i_max || word <= i_min) {
 hword = ntohl(word);
- if (hword > MAXPATHLEN || hword < -(MAXPATHLEN))
- errx(1, "integer out of +-MAXPATHLEN (%d): %u",
- MAXPATHLEN, abs(word) < abs(hword) ? word : hword);
+ if (hword >= i_max || hword <= i_min)
+ errx(1, "integer out of range: %d < %d < %d",
+ i_min, abs(word) < abs(hword) ? word : hword, i_max);
 return(hword);
 }
 return(word);
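Review bot: `word = getw(fp)` returns EOF (-1) at end of file or on a read error, and -1 lies inside the accepted range for the 1024-byte path length the commit message uses, so a truncated or unreadable database is returned to the caller as an ordinary stored value. The range check added here cannot catch that. A test right after the read would, for example `if (word == EOF && (feof(fp) || ferror(fp))) errx(1, "unexpected end of database");`, unless the callers already check the stream, which this hunk does not show. The end of getwf is outside the hunk.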