mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-18 19:41:01 -05:00

Tighten up a lot of casts from unsigned to int which are read by one
of the GET_32BIT macros and then used as length fields. Missing bounds
checks against zero have been added, and also I've introduced a helper
function toint() which casts from unsigned to int in such a way as to
avoid C undefined behaviour, since I'm not sure I trust compilers any
more to do the obviously sensible thing.

[originally from svn r9918]
Simon Tatham
2013-07-14 10:45:54 +00:00
parent 1662a2f6cf
commit 896bb7c74d
11 changed files with 185 additions and 70 deletions

9
conf.c

@ -522,14 +522,15 @@ int conf_deserialise(Conf *conf, void *vdata, int maxsize)
unsigned char *data = (unsigned char *)vdata;
unsigned char *start = data;
struct conf_entry *entry;
int primary, used;
unsigned primary;
int used;
unsigned char *zero;
while (maxsize >= 4) {
primary = GET_32BIT_MSB_FIRST(data);
data += 4, maxsize -= 4;
if ((unsigned)primary >= N_CONFIG_OPTIONS)
if (primary >= N_CONFIG_OPTIONS)
break;
entry = snew(struct conf_entry);
@ -541,7 +542,7 @@ int conf_deserialise(Conf *conf, void *vdata, int maxsize)
sfree(entry);
goto done;
}
entry->key.secondary.i = GET_32BIT_MSB_FIRST(data);
entry->key.secondary.i = toint(GET_32BIT_MSB_FIRST(data));
data += 4, maxsize -= 4;
break;
case TYPE_STR:
@ -564,7 +565,7 @@ int conf_deserialise(Conf *conf, void *vdata, int maxsize)
sfree(entry);
goto done;
}
entry->value.u.intval = GET_32BIT_MSB_FIRST(data);
entry->value.u.intval = toint(GET_32BIT_MSB_FIRST(data));
data += 4, maxsize -= 4;
break;
case TYPE_STR:
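Review bot: In the second and third hunks of conf.c, `toint()` makes the unsigned-to-int conversion well defined, but the value stored in `entry->key.secondary.i` and `entry->value.u.intval` can still come out negative when the 32-bit field has its top bit set, and no range check on it is visible in these hunks. If the serialised buffer can originate outside the current process, it would help to state the expectation where the value is stored, e.g. `/* may be negative after toint(); callers must range-check before using as an index or length */`, or to reject out-of-range values on the existing `sfree(entry); goto done;` path. The body of conf_deserialise starts and ends outside the hunks, so a later check may already exist.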