Skip to content

G
git2
Commit ec3b4d35 by Edward Thomson Committed by Edward Thomson
Options

Use `size_t` to hold size of arrays 

Use `size_t` to hold the size of arrays to ease overflow checking,
lest we check for overflow of a `size_t` then promptly truncate
by packing the length into a smaller type.
parent 2884cc42
Showing with 30 additions and 14 deletions
src/array.h
......@@ -23,7 +23,7 @@
*
* typedef git_array_t(my_struct) my_struct_array_t;
*/
#define git_array_t(type) struct { type *ptr; uint32_t size, asize; }
#define git_array_t(type) struct { type *ptr; size_t size, asize; }
#define GIT_ARRAY_INIT { NULL, 0, 0 }
......@@ -45,7 +45,7 @@ typedef git_array_t(char) git_array_generic_t;
GIT_INLINE(void *) git_array_grow(void *_a, size_t item_size)
{
volatile git_array_generic_t *a = _a;
uint32_t new_size;
size_t new_size;
char *new_array;
if (a->size < 8) {
......
src/filebuf.c
......@@ -408,8 +408,8 @@ int git_filebuf_reserve(git_filebuf *file, void **buffer, size_t len)
int git_filebuf_printf(git_filebuf *file, const char *format, ...)
{
va_list arglist;
size_t space_left;
int len, res;
size_t space_left, len;
int written, res;
char *tmp_buffer;
ENSURE_BUF_OK(file);
......@@ -418,15 +418,16 @@ int git_filebuf_printf(git_filebuf *file, const char *format, ...)
do {
va_start(arglist, format);
len = p_vsnprintf((char *)file->buffer + file->buf_pos, space_left, format, arglist);
written = p_vsnprintf((char *)file->buffer + file->buf_pos, space_left, format, arglist);
va_end(arglist);
if (len < 0) {
if (written < 0) {
file->last_error = BUFERR_MEM;
return -1;
}
if ((size_t)len + 1 <= space_left) {
len = written;
if (len + 1 <= space_left) {
file->buf_pos += len;
return 0;
}
......@@ -436,7 +437,7 @@ int git_filebuf_printf(git_filebuf *file, const char *format, ...)
space_left = file->buf_size - file->buf_pos;
} while ((size_t)len + 1 <= space_left);
} while (len + 1 <= space_left);
if (GIT_ALLOC_OVERFLOW_ADD(len, 1) ||
!(tmp_buffer = git__malloc(len + 1))) {
......
src/pack-objects.c
......@@ -190,6 +190,7 @@ int git_packbuilder_insert(git_packbuilder *pb, const git_oid *oid,
{
git_pobject *po;
khiter_t pos;
size_t newsize;
int ret;
assert(pb && oid);
......@@ -203,7 +204,14 @@ int git_packbuilder_insert(git_packbuilder *pb, const git_oid *oid,
if (pb->nr_objects >= pb->nr_alloc) {
GITERR_CHECK_ALLOC_ADD(pb->nr_alloc, 1024);
GITERR_CHECK_ALLOC_MULTIPLY(pb->nr_alloc + 1024, 3 / 2);
pb->nr_alloc = (pb->nr_alloc + 1024) * 3 / 2;
newsize = (pb->nr_alloc + 1024) * 3 / 2;
if (!git__is_uint32(newsize)) {
giterr_set(GITERR_NOMEMORY, "Packfile too large to fit in memory.");
return -1;
}
pb->nr_alloc = (uint32_t)newsize;
pb->object_list = git__reallocarray(pb->object_list,
pb->nr_alloc, sizeof(*po));
......
src/transports/smart_pkt.c
......@@ -484,7 +484,7 @@ static int buffer_want_with_caps(const git_remote_head *head, transport_smart_ca
{
git_buf str = GIT_BUF_INIT;
char oid[GIT_OID_HEXSZ +1] = {0};
unsigned int len;
size_t len;
/* Prefer multi_ack_detailed */
if (caps->multi_ack_detailed)
......@@ -510,12 +510,19 @@ static int buffer_want_with_caps(const git_remote_head *head, transport_smart_ca
if (git_buf_oom(&str))
return -1;
len = (unsigned int)
(strlen("XXXXwant ") + GIT_OID_HEXSZ + 1 /* NUL */ +
git_buf_len(&str) + 1 /* LF */);
len = strlen("XXXXwant ") + GIT_OID_HEXSZ + 1 /* NUL */ +
git_buf_len(&str) + 1 /* LF */;
if (len > 0xffff) {
giterr_set(GITERR_NET,
"Tried to produce packet with invalid length %d", len);
return -1;
}
git_buf_grow_by(buf, len);
git_oid_fmt(oid, &head->oid);
git_buf_printf(buf, "%04xwant %s %s\n", len, oid, git_buf_cstr(&str));
git_buf_printf(buf,
"%04xwant %s %s\n", (unsigned int)len, oid, git_buf_cstr(&str));
git_buf_free(&str);
return git_buf_oom(buf);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment