From nobody Sun Jan 30 16:28:43 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 9C2EE197CD33; Sun, 30 Jan 2022 16:28:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JmxTR3P4yz4mZ2; Sun, 30 Jan 2022 16:28:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643560123; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=V8esW8jleyoak9jFLhoNWgHM0JX2gJuWlk/0MIqavsI=; b=s3VgeMDJJDJmuzRN26GVyij0zDnBsIo5cvnnhzucbzSoxpDIl8MiEghdGtoVav38OihlRz IV2X7xdsc1cl4sJrUV+XXq69eQ9SkrwhhCLHWe3AuHsKOtZtL45AfIRPnjGCp/y4TEXXkk +zFCfr80YeCoYKoMGGwa36bvoB8e+BE84mMpXMornTSwOzd72MDfujBUms0JZNQC4TB5ph IsqsKEleB/fYSCTgF++qj/Xw/2BricziPKAgX6tNS1zTXSQt48QExpDfxWhJWicIHBuYVK SKXsgSKfFJ40yhVtoJQ0rPRHO5JaVp6WEeXIyfGeRoCOKOkKMTjD35PZxlOwYQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 31AF54239; Sun, 30 Jan 2022 16:28:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20UGShBd082020; Sun, 30 Jan 2022 16:28:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20UGShss082019; Sun, 30 Jan 2022 16:28:43 GMT (envelope-from git) Date: Sun, 30 Jan 2022 16:28:43 GMT Message-Id: <202201301628.20UGShss082019@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Wolfram Schneider Subject: git: 5260fbcebdfc - main - fix check for integer List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: wosch X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 5260fbcebdfcf2c17f9575bfbe9a34c97d56ea0a Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1643560123; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=V8esW8jleyoak9jFLhoNWgHM0JX2gJuWlk/0MIqavsI=; b=wkirjOarXZAPkq+RARoEK/rHDLxQpchKgjDqhBUGeYebGn3bGRRBz7Mn+Gf1k4v3QuybAQ ZNbw7XPwjbD/WG7LEkXUc9lgnjxDOXjhQs+Ea5I774fcMzURIPYQC5VWB+8HIGUMezKpTD mbE/SiT9KUSbDuvwPn3Me5GHvaImdlyagZ3TIKquVuvXwVd5lonedeu9BwMBbWR1N4PXmQ IWPkC3LHUKVqDSWnVcbWzgTDEHAuntDpw7ue8XVwzfispRlbDnQVwjvRmPrD+asE4G38Q4 jXp79UkDcMTMaSxkSLbcj8vKP5BHJU9ejVbmx8Z1DsTBv79zONs8KP2Q+VwPgg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643560123; a=rsa-sha256; cv=none; b=IFMjm3zFZaCcdPBHnoI3JRxeD06+EZoGz3YNl6Q5IXjQtl73E7I5Pt+vULkOCnfFGkwmWA MaWQ3y93exKer8oWLg5Dx0ZiOgEdtoGs2zeS7N/plgm3BXa2p9SMCuEulZNTR8BrV1jnsG HZ9N2el0eYvsnXOJl5xIVrLEeDZgE7pC6l8VkjG/0CqNnPZC4lX2+3cLH/Cz974sexps8s D122f+z2CIGr9DbWztPPL1ug3YIvya7WV+kJlFbXzrxDcbjQQ0myi8AeJct/IKIcoz4Ge+ 6pGr/8FDm4rxlUxFl9JOiIl0hFNLI72phcfeD+oFcvj3FFIzrvK/jSd/Cbgb1w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by wosch: URL: https://cgit.FreeBSD.org/src/commit/?id=5260fbcebdfcf2c17f9575bfbe9a34c97d56ea0a commit 5260fbcebdfcf2c17f9575bfbe9a34c97d56ea0a Author: Wolfram Schneider AuthorDate: 2022-01-30 16:27:27 +0000 Commit: Wolfram Schneider CommitDate: 2022-01-30 16:27:27 +0000 fix check for integer For historical reasons, the integer is stored with an offset of plus 14. That means, for a given max path length of 1024 the valid values are -1009 .. 1037 and not -1023 .. 1023 PR: 201243 --- usr.bin/locate/locate/util.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/usr.bin/locate/locate/util.c b/usr.bin/locate/locate/util.c index ff64b5a952d3..77d8f7e58079 100644 --- a/usr.bin/locate/locate/util.c +++ b/usr.bin/locate/locate/util.c @@ -223,16 +223,20 @@ getwm(p) } u; register int i, hi; + /* the integer is stored by an offset of 14 (!!!) */ + int i_max = MAXPATHLEN + OFFSET; + int i_min = -(MAXPATHLEN - OFFSET); + for (i = 0; i < (int)INTSIZE; i++) u.buf[i] = *p++; i = u.i; - if (i > MAXPATHLEN || i < -(MAXPATHLEN)) { + if (i >= i_max || i <= i_min) { hi = ntohl(i); - if (hi > MAXPATHLEN || hi < -(MAXPATHLEN)) - errx(1, "integer out of +-MAXPATHLEN (%d): %u", - MAXPATHLEN, abs(i) < abs(hi) ? i : hi); + if (hi >= i_max || hi <= i_min) + errx(1, "integer out of range: %d < %d < %d", + i_min, abs(i) < abs(hi) ? i : hi, i_max); return(hi); } return(i); @@ -251,14 +255,16 @@ getwf(fp) FILE *fp; { register int word, hword; + int i_max = MAXPATHLEN + OFFSET; + int i_min = -(MAXPATHLEN - OFFSET); word = getw(fp); - if (word > MAXPATHLEN || word < -(MAXPATHLEN)) { + if (word >= i_max || word <= i_min) { hword = ntohl(word); - if (hword > MAXPATHLEN || hword < -(MAXPATHLEN)) - errx(1, "integer out of +-MAXPATHLEN (%d): %u", - MAXPATHLEN, abs(word) < abs(hword) ? word : hword); + if (hword >= i_max || hword <= i_min) + errx(1, "integer out of range: %d < %d < %d", + i_min, abs(word) < abs(hword) ? word : hword, i_max); return(hword); } return(word);