From a14047894ed3368c80fae349a1499b7d0b4d16db Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Tue, 6 May 2025 18:21:26 -0700
Subject: buf: remove array size checks from bit ops.

The length of a buffer is capped by the range of cnum,
which is a subrange of ucnum. A buffer can never be
so big that it can't be iterated by a
for (i = 0; i < len; i++) loop, where i and len
are of type ucnum.

* buf.c (buf_ash): In this function, we potentially
create a longer buffer than the input, and so here
it makes sense to check for the new length being
out of the range of cnum; i.e. beyond INT_PTR_MAX.
We keep the check but change the threshold.
(buf_and, buf_test, buf_or, buf_xor, buf_not):
Remove checks on existing length.
---
 buf.c | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/buf.c b/buf.c
index c36d1c0c..e83eb121 100644
--- a/buf.c
+++ b/buf.c
@@ -1402,7 +1402,7 @@ val buf_ash(val buf, val bits)
     ucnum bytes = b / 8;
     ucnum nlen = len + bytes;
 
-    if (nlen < len || nlen >= convert(ucnum, -2))
+    if (nlen < len || nlen > convert(ucnum, INT_PTR_MAX))
       err_oflow(self);
 
     if (r == 0 || nlen == 0) {
@@ -1543,9 +1543,6 @@ val buf_and(val bufa, val bufb)
     return make_buf(ab->len, zero, ab->len);
   } else if (la < lb) {
     return buf_and(bufb, bufa);
-  } else if (la == convert(ucnum, -1)) {
-    err_oflow(self);
-    abort();
   } else {
     val obuf = make_ubuf(la);
     ucnum delta = la - lb;
@@ -1573,9 +1570,6 @@ val buf_test(val bufa, val bufb)
     return nil;
   } else if (la < lb) {
     return buf_test(bufb, bufa);
-  } else if (la == convert(ucnum, -1)) {
-    err_oflow(self);
-    abort();
   } else {
     ucnum delta = la - lb;
     ucnum i;
@@ -1603,9 +1597,6 @@ val buf_or(val bufa, val bufb)
     return bufa;
   } else if (la < lb) {
     return buf_or(bufb, bufa);
-  } else if (la == convert(ucnum, -1)) {
-    err_oflow(self);
-    abort();
   } else {
     val obuf = make_ubuf(la);
     ucnum delta = la - lb;
@@ -1635,9 +1626,6 @@ val buf_xor(val bufa, val bufb)
     return bufa;
   } else if (la < lb) {
     return buf_xor(bufb, bufa);
-  } else if (la == convert(ucnum, -1)) {
-    err_oflow(self);
-    abort();
   } else {
     val obuf = make_ubuf(la);
     ucnum delta = la - lb;
@@ -1661,8 +1649,6 @@ val buf_not(val buf)
 
   if (l == 0) {
     return buf;
-  } else if (l == convert(ucnum, -1)) {
-    uw_throwf(error_s, lit("~a: array size overflow"), self, nao);
   } else {
     val obuf = make_ubuf(l);
     struct buf *ob = buf_handle(obuf, self);
-- 
cgit v1.2.3