diff options
| author | Kaz Kylheku <kaz@kylheku.com> | 2019-09-12 06:55:22 -0700 |
|---|---|---|
| committer | Kaz Kylheku <kaz@kylheku.com> | 2019-09-12 06:55:22 -0700 |
| commit | 260662d47b30a0e43d23df45ada15a4b28108256 (patch) | |
| tree | 06cb7278abcd8f8004874be85834bcbe5be347c9 | |
| parent | d44208772d9a1366032b8f4032c98ddfab96187f (diff) | |
| download | txr-260662d47b30a0e43d23df45ada15a4b28108256.tar.gz txr-260662d47b30a0e43d23df45ada15a4b28108256.tar.bz2 txr-260662d47b30a0e43d23df45ada15a4b28108256.zip | |
Improve overflow checks in string catenation.
* lib.c (cat_str, vscat): Use size_t type for the total, so
that the wrapping behavior we depend on for overflow detection
is well-defined. Also, there was an overflow check missing for
the total + 1 beign passed to chk_wmalloc. Instead of adding
that overflow check, let's just start the total at 1.
| -rw-r--r-- | lib.c | 16 |
1 files changed, 8 insertions, 8 deletions
@@ -3896,7 +3896,7 @@ val replace_str(val str_in, val items, val from, val to) val cat_str(val list, val sep) { - cnum total = 0; + size_t total = 1; val iter; wchar_t *str, *ptr; wchar_t onech[] = wini(" "); @@ -3917,7 +3917,7 @@ val cat_str(val list, val sep) if (!item) continue; if (stringp(item)) { - cnum ntotal = total + c_num(length_str(item)); + size_t ntotal = total + c_num(length_str(item)); if (len_sep && cdr(iter)) ntotal += len_sep; @@ -3930,7 +3930,7 @@ val cat_str(val list, val sep) continue; } if (chrp(item)) { - cnum ntotal = total + 1; + size_t ntotal = total + 1; if (len_sep && cdr(iter)) ntotal += len_sep; @@ -3946,7 +3946,7 @@ val cat_str(val list, val sep) item, nao); } - str = chk_wmalloc(total + 1); + str = chk_wmalloc(total); for (ptr = str, iter = list; iter != nil; iter = cdr(iter)) { val item = car(iter); @@ -3976,7 +3976,7 @@ oflow: static val vscat(val sep, va_list vl1, va_list vl2) { - cnum total = 0; + size_t total = 1; val item, next; wchar_t *str, *ptr; cnum len_sep = (!null_or_missing_p(sep)) ? c_num(length_str(sep)) : 0; @@ -3986,7 +3986,7 @@ static val vscat(val sep, va_list vl1, va_list vl2) next = va_arg(vl1, val); if (stringp(item)) { - cnum ntotal = total + c_num(length_str(item)); + size_t ntotal = total + c_num(length_str(item)); if (len_sep && next != nao) ntotal += len_sep; @@ -3999,7 +3999,7 @@ static val vscat(val sep, va_list vl1, va_list vl2) continue; } if (chrp(item)) { - cnum ntotal = total + 1; + size_t ntotal = total + 1; if (len_sep && next != nao) ntotal += len_sep; @@ -4015,7 +4015,7 @@ static val vscat(val sep, va_list vl1, va_list vl2) item, nao); } - str = chk_wmalloc(total + 1); + str = chk_wmalloc(total); for (ptr = str, item = va_arg(vl2, val); item != nao; item = next) { |