From 0518ab22c4758712a78be436620d4e2cab69d7c2 Mon Sep 17 00:00:00 2001 From: cremno Date: Tue, 28 Apr 2015 14:40:22 +0200 Subject: unify error handling Convert mrb_read_irep_file() to use goto like read_section_lv() and read_section_debug() already do. --- src/load.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/src/load.c b/src/load.c index 889420ae9..17bbb13eb 100644 --- a/src/load.c +++ b/src/load.c @@ -670,23 +670,21 @@ mrb_read_irep_file(mrb_state *mrb, FILE* fp) /* You don't need use SIZE_ERROR as buf_size is enough small. */ buf = (uint8_t*)mrb_malloc(mrb, header_size); if (fread(buf, header_size, 1, fp) == 0) { - mrb_free(mrb, buf); - return NULL; + goto irep_exit; } result = read_binary_header(buf, &buf_size, NULL, &flags); if (result != MRB_DUMP_OK) { - mrb_free(mrb, buf); - return NULL; + goto irep_exit; } buf = (uint8_t*)mrb_realloc(mrb, buf, buf_size); if (fread(buf+header_size, buf_size-header_size, 1, fp) == 0) { - mrb_free(mrb, buf); - return NULL; + goto irep_exit; } irep = read_irep(mrb, buf, FLAG_SRC_MALLOC); - mrb_free(mrb, buf); +irep_exit: + mrb_free(mrb, buf); return irep; } -- cgit v1.2.3 From 091ce867c104d0b1ad02dd7c34f13eef27b0ff39 Mon Sep 17 00:00:00 2001 From: cremno Date: Tue, 28 Apr 2015 14:53:50 +0200 Subject: fix possible unsigned integer underflow buf_size has to be greater than header_size, otherwise subtracting header_size from buf_size will cause an integer underflow. Being equal to header_size is fine, however useless, so quit early. --- src/load.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/load.c b/src/load.c index 17bbb13eb..9854f712f 100644 --- a/src/load.c +++ b/src/load.c @@ -673,7 +673,7 @@ mrb_read_irep_file(mrb_state *mrb, FILE* fp) goto irep_exit; } result = read_binary_header(buf, &buf_size, NULL, &flags); - if (result != MRB_DUMP_OK) { + if (result != MRB_DUMP_OK || buf_size <= header_size) { goto irep_exit; } -- cgit v1.2.3