better integer size assertion suggested by usak

author: Yukihiro "Matz" Matsumoto <[email protected]> 2014-04-25 04:33:08 +0900
committer: Yukihiro "Matz" Matsumoto <[email protected]> 2014-04-25 04:33:08 +0900
commit: 48f36d3f0ef9e1672a7eca95f289156095fc9f26 (patch)
tree: e26091b4a35d41bc2cd7780dcbb96a7cfa916a55
parent: 83c1399af0d750e7a629dbf0ed6b7d0f59cf79ec (diff)
download: mruby-48f36d3f0ef9e1672a7eca95f289156095fc9f26.tar.gz
mruby-48f36d3f0ef9e1672a7eca95f289156095fc9f26.zip
6 files changed, 27 insertions, 27 deletions
diff --git a/include/mruby.h b/include/mruby.h
index 9615980a2..9cf578836 100644
--- a/include/mruby.h
+++ b/include/mruby.h
@@ -415,8 +415,10 @@ void* mrb_alloca(mrb_state *mrb, size_t);
 #ifdef MRB_DEBUG
 #include <assert.h>
 #define mrb_assert(p) assert(p)
+#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && ((sizeof(n)<=sizeof(t2))||(n<=(t1)(max))))
 #else
 #define mrb_assert(p) ((void)0)
+#define mrb_assert_int_fit(t1,n,t2,max) ((void)0)
 #endif
 
 #if defined(__cplusplus)
diff --git a/src/codegen.c b/src/codegen.c
index bd671ba37..b35599470 100644
--- a/src/codegen.c
+++ b/src/codegen.c
@@ -719,7 +719,7 @@ attrsym(codegen_scope *s, mrb_sym a)
                                  + 1 /* '=' */
                                  + 1 /* '\0' */
                                  );
-  mrb_assert(len > 0);
+  mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
   memcpy(name2, name, (size_t)len);
   name2[len] = '=';
   name2[len+1] = '\0';
diff --git a/src/dump.c b/src/dump.c
index 97e0fc3c9..beaed7e7d 100644
--- a/src/dump.c
+++ b/src/dump.c
@@ -89,7 +89,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
       str = mrb_fixnum_to_str(mrb, irep->pool[pool_no], 10);
       {
         mrb_int len = RSTRING_LEN(str);
-        mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+        mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
         size += (size_t)len;
       }
       break;
@@ -98,7 +98,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
       {
         int len;
         len = mrb_float_to_str(buf, mrb_float(irep->pool[pool_no]));
-        mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+        mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
         size += (size_t)len;
       }
       break;
@@ -106,7 +106,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
     case MRB_TT_STRING:
       {
         mrb_int len = RSTRING_LEN(irep->pool[pool_no]);
-        mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+        mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
         size += (size_t)len;
       }
       break;
@@ -142,9 +142,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
       char_ptr = RSTRING_PTR(str);
       {
         mrb_int tlen;
+
         tlen = RSTRING_LEN(str);
-        mrb_assert(tlen >= 0);
-        mrb_assert(tlen <= INT16_MAX);
+        mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
         len = (uint16_t)tlen;
       }
       break;
@@ -154,8 +154,7 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
       {
         int tlen;
         tlen = mrb_float_to_str(char_buf, mrb_float(irep->pool[pool_no]));
-        mrb_assert(tlen >= 0);
-        mrb_assert(tlen <= INT16_MAX);
+        mrb_assert_int_fit(int, tlen, uint16_t, UINT16_MAX);
         len = (uint16_t)tlen;
       }
       char_ptr = &char_buf[0];
@@ -166,9 +165,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
       char_ptr = RSTRING_PTR(irep->pool[pool_no]);
       {
         mrb_int tlen;
+
         tlen = RSTRING_LEN(irep->pool[pool_no]);
-        mrb_assert(tlen >= 0);
-        mrb_assert(tlen <= INT16_MAX);
+        mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
         len = (uint16_t)tlen;
       }
       break;
@@ -222,7 +221,7 @@ write_syms_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
 
       name = mrb_sym2name_len(mrb, irep->syms[sym_no], &len);
 
-      mrb_assert(len <= UINT16_MAX);
+      mrb_assert_int_fit(mrb_int, len, uint16_t, UINT16_MAX);
       cur += uint16_to_bin((uint16_t)len, cur); /* length of symbol name */
       memcpy(cur, name, len); /* symbol name */
       cur += (uint16_t)len;
@@ -315,7 +314,8 @@ write_section_irep_header(mrb_state *mrb, size_t section_size, uint8_t *bin)
   struct rite_section_irep_header *header = (struct rite_section_irep_header*)bin;
 
   memcpy(header->section_identify, RITE_SECTION_IREP_IDENTIFIER, sizeof(header->section_identify));
-  mrb_assert(section_size <= UINT32_MAX);
+
+  mrb_assert_int_fit(size_t, section_size, uint32_t, UINT32_MAX);
   uint32_to_bin((uint32_t)section_size, header->section_size);
   memcpy(header->rite_version, RITE_VM_VER, sizeof(header->rite_version));
 
@@ -392,7 +392,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
   } else {
     filename_len = 0;
   }
-  mrb_assert(filename_len <= UINT16_MAX);
+  mrb_assert_int_fit(size_t, filename_len, uint16_t, UINT16_MAX);
   cur += uint16_to_bin((uint16_t)filename_len, cur); /* filename size */
 
   if (filename_len) {
@@ -401,7 +401,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
   }
 
   if (irep->lines) {
-    mrb_assert(irep->ilen <= UINT32_MAX);
+    mrb_assert_int_fit(size_t, irep->ilen, uint32_t, UINT32_MAX);
     cur += uint32_to_bin((uint32_t)(irep->ilen), cur); /* niseq */
     for (iseq_no = 0; iseq_no < irep->ilen; iseq_no++) {
       cur += uint16_to_bin(irep->lines[iseq_no], cur); /* opcode */
@@ -412,12 +412,11 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
   }
 
   diff = cur - bin;
-  mrb_assert(diff >= 0);
-  mrb_assert((uint32_t)diff <= UINT32_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);
 
   uint32_to_bin((uint32_t)diff, bin); /* record size */
 
-  mrb_assert((size_t)diff <= SIZE_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
   return (size_t)diff;
 }
 
@@ -565,8 +564,7 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
     /* filename index */
     filename_idx = find_filename_index(filenames, filenames_len,
                                                   file->filename_sym);
-    mrb_assert(filename_idx >= 0);
-    mrb_assert(filename_idx <= UINT16_MAX);
+    mrb_assert_int_fit(int, filename_idx, uint16_t, UINT16_MAX);
     cur += uint16_to_bin((uint16_t)filename_idx, cur);
 
     /* lines */
@@ -593,10 +591,10 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
   }
 
   ret = cur - bin;
-  mrb_assert(ret >= 0 && (uint32_t)ret <= UINT32_MAX);
+  mrb_assert_int_fit(ptrdiff_t, ret, uint32_t, UINT32_MAX);
   uint32_to_bin(ret, bin);
 
-  mrb_assert(ret >= 0 && (size_t)ret <= SIZE_MAX);
+  mrb_assert_int_fit(ptrdiff_t, ret, size_t, SIZE_MAX);
   return (size_t)ret;
 }
 
diff --git a/src/load.c b/src/load.c
index 776fec561..5e7245714 100644
--- a/src/load.c
+++ b/src/load.c
@@ -156,7 +156,7 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool all
   irep->reps = (mrb_irep**)mrb_malloc(mrb, sizeof(mrb_irep*)*irep->rlen);
 
   diff = src - bin;
-  mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
   *len = (size_t)diff;
 
   return irep;
@@ -333,7 +333,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
   }
 
   diff = bin - start;
-  mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 
   if (record_size != (size_t)diff) {
     return MRB_DUMP_GENERAL_FAILURE;
@@ -349,7 +349,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
   }
 
   diff = bin - start;
-  mrb_assert(diff >=0 && (size_t)diff <= SIZE_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
   *record_len = (size_t)diff;
 
   return MRB_DUMP_OK;
@@ -391,7 +391,7 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo
 
   bin += len;
   diff = bin - start;
-  mrb_assert(diff >= 0 && (size_t)diff <= UINT32_MAX);
+  mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
   if ((uint32_t)diff != bin_to_uint32(header->section_size)) {
     result = MRB_DUMP_GENERAL_FAILURE;
   }
diff --git a/src/string.c b/src/string.c
index b2a625eea..9c66ae18f 100644
--- a/src/string.c
+++ b/src/string.c
@@ -272,7 +272,7 @@ str_buf_cat(mrb_state *mrb, struct RString *s, const char *ptr, size_t len)
       ptr = STR_PTR(s) + off;
   }
   memcpy(STR_PTR(s) + STR_LEN(s), ptr, len);
-  mrb_assert(total <= MRB_INT_MAX);
+  mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX);
   STR_SET_LEN(s, total);
   STR_PTR(s)[total] = '\0';   /* sentinel */
 }
diff --git a/src/symbol.c b/src/symbol.c
index de2cc2881..21bf1db7c 100644
--- a/src/symbol.c
+++ b/src/symbol.c
@@ -401,7 +401,7 @@ sym_inspect(mrb_state *mrb, mrb_value sym)
   sp = RSTRING_PTR(str);
   RSTRING_PTR(str)[0] = ':';
   memcpy(sp+1, name, len);
-  mrb_assert(len > 0 && (size_t)len <= SIZE_MAX);
+  mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
   if (!symname_p(name) || strlen(name) != (size_t)len) {
     str = mrb_str_dump(mrb, str);
     sp = RSTRING_PTR(str);
author	Yukihiro "Matz" Matsumoto <[email protected]>	2014-04-25 04:33:08 +0900
committer	Yukihiro "Matz" Matsumoto <[email protected]>	2014-04-25 04:33:08 +0900
commit	48f36d3f0ef9e1672a7eca95f289156095fc9f26 (patch)
tree	e26091b4a35d41bc2cd7780dcbb96a7cfa916a55
parent	83c1399af0d750e7a629dbf0ed6b7d0f59cf79ec (diff)
download	mruby-48f36d3f0ef9e1672a7eca95f289156095fc9f26.tar.gz mruby-48f36d3f0ef9e1672a7eca95f289156095fc9f26.zip