diff options
| author | Yukihiro "Matz" Matsumoto <[email protected]> | 2014-03-09 01:28:31 +0900 |
|---|---|---|
| committer | Yukihiro "Matz" Matsumoto <[email protected]> | 2014-03-09 01:28:31 +0900 |
| commit | ee57789c724cb8bb86ebeda2dfd2ef585e996f68 (patch) | |
| tree | 88ac5cdfa6e37967467ee13fc7b39794e4b7e6c5 /src/load.c | |
| parent | 452bf73c2317cc4c9cf69b4dbf3ff82c3bde89c3 (diff) | |
| parent | 270d25bf2db157c9d1cdcc57bccefabbb1341524 (diff) | |
| download | mruby-ee57789c724cb8bb86ebeda2dfd2ef585e996f68.tar.gz mruby-ee57789c724cb8bb86ebeda2dfd2ef585e996f68.zip | |
Merge pull request #1831 from monaka/pr-make-type-casts-safer
Make type casts safer
Diffstat (limited to 'src/load.c')
| -rw-r--r-- | src/load.c | 113 |
1 files changed, 70 insertions, 43 deletions
diff --git a/src/load.c b/src/load.c index de517f89f..aa39efba4 100644 --- a/src/load.c +++ b/src/load.c @@ -26,6 +26,10 @@ # error This code assumes CHAR_BIT == 8 #endif +#if UINT32_MAX > SIZE_MAX +# error This code cannot be built on your environment. +#endif + static size_t offset_crc_body(void) { @@ -34,10 +38,11 @@ offset_crc_body(void) } static mrb_irep* -read_irep_record_1(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool alloc) +read_irep_record_1(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool alloc) { size_t i; const uint8_t *src = bin; + ptrdiff_t diff; uint16_t tt, pool_data_len, snl; size_t plen; int ai = mrb_gc_arena_save(mrb); @@ -55,12 +60,12 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool a src += sizeof(uint16_t); /* number of child irep */ - irep->rlen = bin_to_uint16(src); + irep->rlen = (size_t)bin_to_uint16(src); src += sizeof(uint16_t); /* Binary Data Section */ /* ISEQ BLOCK */ - irep->ilen = bin_to_uint32(src); + irep->ilen = (size_t)bin_to_uint32(src); src += sizeof(uint32_t); if (irep->ilen > 0) { if (SIZE_ERROR_MUL(sizeof(mrb_code), irep->ilen)) { @@ -71,13 +76,13 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool a return NULL; } for (i = 0; i < irep->ilen; i++) { - irep->iseq[i] = bin_to_uint32(src); /* iseq */ + irep->iseq[i] = (size_t)bin_to_uint32(src); /* iseq */ src += sizeof(uint32_t); } } /* POOL BLOCK */ - plen = bin_to_uint32(src); /* number of pool */ + plen = (size_t)bin_to_uint32(src); /* number of pool */ src += sizeof(uint32_t); if (plen > 0) { if (SIZE_ERROR_MUL(sizeof(mrb_value), plen)) { @@ -125,7 +130,7 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool a } /* SYMS BLOCK */ - irep->slen = bin_to_uint32(src); /* syms length */ + irep->slen = (size_t)bin_to_uint32(src); /* syms length */ src += sizeof(uint32_t); if (irep->slen > 0) { if (SIZE_ERROR_MUL(sizeof(mrb_sym), irep->slen)) { @@ -158,20 +163,24 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool a } irep->reps = (mrb_irep**)mrb_malloc(mrb, sizeof(mrb_irep*)*irep->rlen); - *len = src - bin; + + diff = src - bin; + mrb_assert(diff >= 0); + mrb_assert((size_t)diff <= SIZE_MAX); + *len = (size_t)diff; return irep; } static mrb_irep* -read_irep_record(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool alloc) +read_irep_record(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool alloc) { mrb_irep *irep = read_irep_record_1(mrb, bin, len, alloc); size_t i; bin += *len; for (i=0; i<irep->rlen; i++) { - uint32_t rlen; + size_t rlen; irep->reps[i] = read_irep_record(mrb, bin, &rlen, alloc); bin += rlen; @@ -183,14 +192,14 @@ read_irep_record(mrb_state *mrb, const uint8_t *bin, uint32_t *len, mrb_bool all static mrb_irep* read_section_irep(mrb_state *mrb, const uint8_t *bin, mrb_bool alloc) { - uint32_t len; + size_t len; bin += sizeof(struct rite_section_irep_header); return read_irep_record(mrb, bin, &len, alloc); } static int -read_lineno_record_1(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, uint32_t *len) +read_lineno_record_1(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, size_t *len) { int ret; size_t i, fname_len, niseq; @@ -216,7 +225,7 @@ read_lineno_record_1(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, uint32_ bin += fname_len; *len += fname_len; - niseq = bin_to_uint32(bin); + niseq = (size_t)bin_to_uint32(bin); bin += sizeof(uint32_t); /* niseq */ *len += sizeof(uint32_t); @@ -239,14 +248,14 @@ read_lineno_record_1(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, uint32_ } static int -read_lineno_record(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, uint32_t *lenp) +read_lineno_record(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, size_t *lenp) { int result = read_lineno_record_1(mrb, bin, irep, lenp); size_t i; if (result != MRB_DUMP_OK) return result; for (i = 0; i < irep->rlen; i++) { - uint32_t len; + size_t len; result = read_lineno_record(mrb, bin, irep->reps[i], &len); if (result != MRB_DUMP_OK) break; @@ -259,7 +268,7 @@ read_lineno_record(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep, uint32_t static int read_section_lineno(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep) { - uint32_t len; + size_t len; len = 0; bin += sizeof(struct rite_section_lineno_header); @@ -269,9 +278,10 @@ read_section_lineno(mrb_state *mrb, const uint8_t *bin, mrb_irep *irep) } static int -read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t *len, const mrb_sym *filenames, size_t filenames_len) +read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *record_len, const mrb_sym *filenames, size_t filenames_len) { const uint8_t *bin = start; + ptrdiff_t diff; size_t record_size, i; uint16_t f_idx; @@ -280,7 +290,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t irep->debug_info = (mrb_irep_debug_info*)mrb_malloc(mrb, sizeof(mrb_irep_debug_info)); irep->debug_info->pc_count = irep->ilen; - record_size = bin_to_uint32(bin); + record_size = (size_t)bin_to_uint32(bin); bin += sizeof(uint32_t); irep->debug_info->flen = bin_to_uint16(bin); @@ -295,7 +305,8 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t file = (mrb_irep_debug_info_file *)mrb_malloc(mrb, sizeof(*file)); irep->debug_info->files[f_idx] = file; - file->start_pos = bin_to_uint32(bin); bin += sizeof(uint32_t); + file->start_pos = bin_to_uint32(bin); + bin += sizeof(uint32_t); /* filename */ filename_idx = bin_to_uint16(bin); @@ -305,26 +316,31 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t len = 0; file->filename = mrb_sym2name_len(mrb, file->filename_sym, &len); - file->line_entry_count = bin_to_uint32(bin); bin += sizeof(uint32_t); - file->line_type = (mrb_debug_line_type)bin_to_uint8(bin); bin += sizeof(uint8_t); + file->line_entry_count = bin_to_uint32(bin); + bin += sizeof(uint32_t); + file->line_type = (mrb_debug_line_type)bin_to_uint8(bin); + bin += sizeof(uint8_t); switch(file->line_type) { case mrb_debug_line_ary: { - size_t l; + uint32_t l; - file->line_ary = (uint16_t *)mrb_malloc(mrb, sizeof(uint16_t) * file->line_entry_count); + file->line_ary = (uint16_t *)mrb_malloc(mrb, sizeof(uint16_t) * (size_t)(file->line_entry_count)); for(l = 0; l < file->line_entry_count; ++l) { - file->line_ary[l] = bin_to_uint16(bin); bin += sizeof(uint16_t); + file->line_ary[l] = bin_to_uint16(bin); + bin += sizeof(uint16_t); } } break; case mrb_debug_line_flat_map: { - size_t l; + uint32_t l; file->line_flat_map = (mrb_irep_debug_info_line*)mrb_malloc( - mrb, sizeof(mrb_irep_debug_info_line) * file->line_entry_count); + mrb, sizeof(mrb_irep_debug_info_line) * (size_t)(file->line_entry_count)); for(l = 0; l < file->line_entry_count; ++l) { - file->line_flat_map[l].start_pos = bin_to_uint32(bin); bin += sizeof(uint32_t); - file->line_flat_map[l].line = bin_to_uint16(bin); bin += sizeof(uint16_t); + file->line_flat_map[l].start_pos = bin_to_uint32(bin); + bin += sizeof(uint32_t); + file->line_flat_map[l].line = bin_to_uint16(bin); + bin += sizeof(uint16_t); } } break; @@ -332,12 +348,16 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t } } - if((long)record_size != (bin - start)) { + diff = bin - start; + mrb_assert(diff >= 0); + mrb_assert((size_t)diff <= SIZE_MAX); + + if(record_size != (size_t)diff) { return MRB_DUMP_GENERAL_FAILURE; } for (i = 0; i < irep->rlen; i++) { - uint32_t len; + size_t len; int ret; ret =read_debug_record(mrb, bin, irep->reps[i], &len, filenames, filenames_len); @@ -345,7 +365,10 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, uint32_t bin += len; } - *len = bin - start; + diff = bin - start; + mrb_assert(diff >= 0); + mrb_assert((size_t)diff <= SIZE_MAX); + *record_len = (size_t)diff; return MRB_DUMP_OK; } @@ -354,11 +377,12 @@ static int read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_bool alloc) { const uint8_t *bin; + ptrdiff_t diff; struct rite_section_debug_header *header; uint16_t i; - uint32_t len = 0; + size_t len = 0; int result; - size_t filenames_len; + uint16_t filenames_len; mrb_sym *filenames; bin = start; @@ -367,15 +391,15 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo filenames_len = bin_to_uint16(bin); bin += sizeof(uint16_t); - filenames = (mrb_sym*)mrb_malloc(mrb, sizeof(mrb_sym) * filenames_len); + filenames = (mrb_sym*)mrb_malloc(mrb, sizeof(mrb_sym) * (size_t)filenames_len); for(i = 0; i < filenames_len; ++i) { uint16_t f_len = bin_to_uint16(bin); bin += sizeof(uint16_t); if (alloc) { - filenames[i] = mrb_intern(mrb, (const char *)bin, f_len); + filenames[i] = mrb_intern(mrb, (const char *)bin, (size_t)f_len); } else { - filenames[i] = mrb_intern_static(mrb, (const char *)bin, f_len); + filenames[i] = mrb_intern_static(mrb, (const char *)bin, (size_t)f_len); } bin += f_len; } @@ -384,7 +408,10 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo if (result != MRB_DUMP_OK) goto debug_exit; bin += len; - if ((bin - start) != bin_to_uint32(header->section_size)) { + diff = bin - start; + mrb_assert(diff >= 0); + mrb_assert(diff <= UINT32_MAX); + if ((uint32_t)diff != bin_to_uint32(header->section_size)) { result = MRB_DUMP_GENERAL_FAILURE; } @@ -408,7 +435,7 @@ read_binary_header(const uint8_t *bin, size_t *bin_size, uint16_t *crc) *crc = bin_to_uint16(header->binary_crc); if (bin_size) { - *bin_size = bin_to_uint32(header->binary_size); + *bin_size = (size_t)bin_to_uint32(header->binary_size); } return MRB_DUMP_OK; @@ -504,14 +531,14 @@ read_lineno_record_file(mrb_state *mrb, FILE *fp, mrb_irep *irep) const size_t record_header_size = sizeof(header); int result; size_t i, buf_size; - uint32_t len; + size_t len; void *ptr; uint8_t *buf; if (fread(header, record_header_size, 1, fp) == 0) { return MRB_DUMP_READ_FAULT; } - buf_size = bin_to_uint32(&header[0]); + buf_size = (size_t)bin_to_uint32(&header[0]); if (SIZE_ERROR(buf_size)) { return MRB_DUMP_GENERAL_FAILURE; } @@ -553,7 +580,7 @@ read_irep_record_file(mrb_state *mrb, FILE *fp) uint8_t header[1 + 4]; const size_t record_header_size = sizeof(header); size_t buf_size, i; - uint32_t len; + size_t len; mrb_irep *irep = NULL; void *ptr; uint8_t *buf; @@ -561,7 +588,7 @@ read_irep_record_file(mrb_state *mrb, FILE *fp) if (fread(header, record_header_size, 1, fp) == 0) { return NULL; } - buf_size = bin_to_uint32(&header[0]); + buf_size = (size_t)bin_to_uint32(&header[0]); if (SIZE_ERROR(buf_size)) { return NULL; } @@ -600,7 +627,7 @@ mrb_read_irep_file(mrb_state *mrb, FILE* fp) int result; uint8_t *buf; uint16_t crc, crcwk = 0; - uint32_t section_size = 0; + size_t section_size = 0; size_t nbytes; struct rite_section_header section_header; long fpos; @@ -657,7 +684,7 @@ mrb_read_irep_file(mrb_state *mrb, FILE* fp) if (fread(§ion_header, sizeof(struct rite_section_header), 1, fp) == 0) { return NULL; } - section_size = bin_to_uint32(section_header.section_size); + section_size = (size_t)bin_to_uint32(section_header.section_size); if (memcmp(section_header.section_identify, RITE_SECTION_IREP_IDENTIFIER, sizeof(section_header.section_identify)) == 0) { fseek(fp, fpos, SEEK_SET); |