
Commit 48f36d3

committed
better integer size assertion suggested by usak
1 parent 83c1399 commit 48f36d3

6 files changed

Lines changed: 27 additions & 27 deletions


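--- a/include/mruby.h
+++ b/include/mruby.h
@@ -415,8 +415,10 @@ void* mrb_alloca(mrb_state *mrb, size_t);
 #ifdef MRB_DEBUG
 #include <assert.h>
 #define mrb_assert(p) assert(p)
+#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && ((sizeof(n)<=sizeof(t2))||(n<=(t1)(max))))
 #else
 #define mrb_assert(p) ((void)0)
+#define mrb_assert_int_fit(t1,n,t2,max) ((void)0)
 #endif
 
 #if defined(__cplusplus)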
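Review bot: The `sizeof(n)<=sizeof(t2)` shortcut in the new mrb_assert_int_fit skips the range comparison when the source and target types have the same width, which is wrong when the source is unsigned and the target is signed: the commit's own `mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX)` in src/string.c then accepts any `total` up to SIZE_MAX on a build where sizeof(size_t) == sizeof(mrb_int) (a 32-bit target, or presumably a 64-bit mrb_int configuration), whereas the `mrb_assert(total <= MRB_INT_MAX)` it replaces did catch that. The shortcut should apply only when the target is strictly wider, or equally wide and unsigned (n has already been checked non-negative), and `n` should be parenthesised in the comparison: `#define mrb_assert_int_fit(t1,n,t2,max) assert((n)>=0 && ((sizeof(n)<sizeof(t2)) || (sizeof(n)==sizeof(t2) && (t2)-1 > 0) || ((n)<=(t1)(max))))`. With that guard every call site in this commit only reaches the `(t1)(max)` cast when max fits in t1, which the current form does not guarantee in general. A one-line comment above the macro would also help readers: `/* debug check that the non-negative value n (of type t1) is representable in t2, whose maximum is max */`.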

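--- a/src/codegen.c
+++ b/src/codegen.c
@@ -719,7 +719,7 @@ attrsym(codegen_scope *s, mrb_sym a)
 + 1 /* '=' */
 + 1 /* '\0' */
 );
-mrb_assert(len > 0);
+mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
 memcpy(name2, name, (size_t)len);
 name2[len] = '=';
 name2[len+1] = '\0';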
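Review bot: The replaced assertion required `len > 0`, while mrb_assert_int_fit only requires `len >= 0`, so a zero-length symbol name now passes the debug check in attrsym; the memcpy and the two stores that follow do tolerate len == 0, but the invariant the old assert documented has silently been dropped. If an empty name is genuinely not expected here, keep the stronger check alongside the new one, `mrb_assert(len > 0);`, or add a comment stating that zero is permitted. The rest of attrsym, including where `len` is computed, is outside the hunk.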

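--- a/src/dump.c
+++ b/src/dump.c
@@ -89,7 +89,7 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
 str = mrb_fixnum_to_str(mrb, irep->pool[pool_no], 10);
 {
 mrb_int len = RSTRING_LEN(str);
-mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
 size += (size_t)len;
 }
 break;
@@ -98,15 +98,15 @@ get_pool_block_size(mrb_state *mrb, mrb_irep *irep)
 {
 int len;
 len = mrb_float_to_str(buf, mrb_float(irep->pool[pool_no]));
-mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
 size += (size_t)len;
 }
 break;
 
 case MRB_TT_STRING:
 {
 mrb_int len = RSTRING_LEN(irep->pool[pool_no]);
-mrb_assert(len >= 0 && (size_t)len <= SIZE_MAX);
+mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
 size += (size_t)len;
 }
 break;
@@ -142,9 +142,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
 char_ptr = RSTRING_PTR(str);
 {
 mrb_int tlen;
+
 tlen = RSTRING_LEN(str);
-mrb_assert(tlen >= 0);
-mrb_assert(tlen <= INT16_MAX);
+mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
 len = (uint16_t)tlen;
 }
 break;
@@ -154,8 +154,7 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
 {
 int tlen;
 tlen = mrb_float_to_str(char_buf, mrb_float(irep->pool[pool_no]));
-mrb_assert(tlen >= 0);
-mrb_assert(tlen <= INT16_MAX);
+mrb_assert_int_fit(int, tlen, uint16_t, UINT16_MAX);
 len = (uint16_t)tlen;
 }
 char_ptr = &char_buf[0];
@@ -166,9 +165,9 @@ write_pool_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
 char_ptr = RSTRING_PTR(irep->pool[pool_no]);
 {
 mrb_int tlen;
+
 tlen = RSTRING_LEN(irep->pool[pool_no]);
-mrb_assert(tlen >= 0);
-mrb_assert(tlen <= INT16_MAX);
+mrb_assert_int_fit(mrb_int, tlen, uint16_t, UINT16_MAX);
 len = (uint16_t)tlen;
 }
 break;
@@ -222,7 +221,7 @@ write_syms_block(mrb_state *mrb, mrb_irep *irep, uint8_t *buf)
 
 name = mrb_sym2name_len(mrb, irep->syms[sym_no], &len);
 
-mrb_assert(len <= UINT16_MAX);
+mrb_assert_int_fit(mrb_int, len, uint16_t, UINT16_MAX);
 cur += uint16_to_bin((uint16_t)len, cur); /* length of symbol name */
 memcpy(cur, name, len); /* symbol name */
 cur += (uint16_t)len;
@@ -315,7 +314,8 @@ write_section_irep_header(mrb_state *mrb, size_t section_size, uint8_t *bin)
 struct rite_section_irep_header *header = (struct rite_section_irep_header*)bin;
 
 memcpy(header->section_identify, RITE_SECTION_IREP_IDENTIFIER, sizeof(header->section_identify));
-mrb_assert(section_size <= UINT32_MAX);
+
+mrb_assert_int_fit(size_t, section_size, uint32_t, UINT32_MAX);
 uint32_to_bin((uint32_t)section_size, header->section_size);
 memcpy(header->rite_version, RITE_VM_VER, sizeof(header->rite_version));
 
@@ -392,7 +392,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
 } else {
 filename_len = 0;
 }
-mrb_assert(filename_len <= UINT16_MAX);
+mrb_assert_int_fit(size_t, filename_len, uint16_t, UINT16_MAX);
 cur += uint16_to_bin((uint16_t)filename_len, cur); /* filename size */
 
 if (filename_len) {
@@ -401,7 +401,7 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
 }
 
 if (irep->lines) {
-mrb_assert(irep->ilen <= UINT32_MAX);
+mrb_assert_int_fit(size_t, irep->ilen, uint32_t, UINT32_MAX);
 cur += uint32_to_bin((uint32_t)(irep->ilen), cur); /* niseq */
 for (iseq_no = 0; iseq_no < irep->ilen; iseq_no++) {
 cur += uint16_to_bin(irep->lines[iseq_no], cur); /* opcode */
@@ -412,12 +412,11 @@ write_lineno_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t* bin)
 }
 
 diff = cur - bin;
-mrb_assert(diff >= 0);
-mrb_assert((uint32_t)diff <= UINT32_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);
 
 uint32_to_bin((uint32_t)diff, bin); /* record size */
 
-mrb_assert((size_t)diff <= SIZE_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 return (size_t)diff;
 }
 
@@ -565,8 +564,7 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
 /* filename index */
 filename_idx = find_filename_index(filenames, filenames_len,
 file->filename_sym);
-mrb_assert(filename_idx >= 0);
-mrb_assert(filename_idx <= UINT16_MAX);
+mrb_assert_int_fit(int, filename_idx, uint16_t, UINT16_MAX);
 cur += uint16_to_bin((uint16_t)filename_idx, cur);
 
 /* lines */
@@ -593,10 +591,10 @@ write_debug_record_1(mrb_state *mrb, mrb_irep *irep, uint8_t *bin, mrb_sym const
 }
 
 ret = cur - bin;
-mrb_assert(ret >= 0 && (uint32_t)ret <= UINT32_MAX);
+mrb_assert_int_fit(ptrdiff_t, ret, uint32_t, UINT32_MAX);
 uint32_to_bin(ret, bin);
 
-mrb_assert(ret >= 0 && (size_t)ret <= SIZE_MAX);
+mrb_assert_int_fit(ptrdiff_t, ret, size_t, SIZE_MAX);
 return (size_t)ret;
 }
 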

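--- a/src/load.c
+++ b/src/load.c
@@ -156,7 +156,7 @@ read_irep_record_1(mrb_state *mrb, const uint8_t *bin, size_t *len, mrb_bool all
 irep->reps = (mrb_irep**)mrb_malloc(mrb, sizeof(mrb_irep*)*irep->rlen);
 
 diff = src - bin;
-mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 *len = (size_t)diff;
 
 return irep;
@@ -333,7 +333,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
 }
 
 diff = bin - start;
-mrb_assert(diff >= 0 && (size_t)diff <= SIZE_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 
 if (record_size != (size_t)diff) {
 return MRB_DUMP_GENERAL_FAILURE;
@@ -349,7 +349,7 @@ read_debug_record(mrb_state *mrb, const uint8_t *start, mrb_irep* irep, size_t *
 }
 
 diff = bin - start;
-mrb_assert(diff >=0 && (size_t)diff <= SIZE_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 *record_len = (size_t)diff;
 
 return MRB_DUMP_OK;
@@ -391,7 +391,7 @@ read_section_debug(mrb_state *mrb, const uint8_t *start, mrb_irep *irep, mrb_boo
 
 bin += len;
 diff = bin - start;
-mrb_assert(diff >= 0 && (size_t)diff <= UINT32_MAX);
+mrb_assert_int_fit(ptrdiff_t, diff, size_t, SIZE_MAX);
 if ((uint32_t)diff != bin_to_uint32(header->section_size)) {
 result = MRB_DUMP_GENERAL_FAILURE;
 }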
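Review bot: The last hunk, in read_section_debug, weakens the check: the removed line bounded `diff` by UINT32_MAX, matching the `(uint32_t)diff` truncation on the very next line, but the new call only checks it against SIZE_MAX, so a debug build no longer flags a section length that would be truncated before being compared with `header->section_size`. The target type should follow the cast that consumes the value, as the other hunks in this commit do: `mrb_assert_int_fit(ptrdiff_t, diff, uint32_t, UINT32_MAX);`. Note that mrb_assert compiles to `((void)0)` outside MRB_DEBUG, so for the untrusted bytecode this loader parses the runtime `!=` comparison is the only real check; the assertion merely needs to agree with it. The function continues outside the hunk.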

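--- a/src/string.c
+++ b/src/string.c
@@ -272,7 +272,7 @@ str_buf_cat(mrb_state *mrb, struct RString *s, const char *ptr, size_t len)
 ptr = STR_PTR(s) + off;
 }
 memcpy(STR_PTR(s) + STR_LEN(s), ptr, len);
-mrb_assert(total <= MRB_INT_MAX);
+mrb_assert_int_fit(size_t, total, mrb_int, MRB_INT_MAX);
 STR_SET_LEN(s, total);
 STR_PTR(s)[total] = '\0'; /* sentinel */
 }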
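Review bot: This call converts an unsigned size_t into the signed mrb_int that STR_SET_LEN stores, and with mrb_assert_int_fit as defined in include/mruby.h in this commit the comparison against MRB_INT_MAX is skipped whenever `sizeof(size_t) <= sizeof(mrb_int)`, which holds on any target where the two types are the same width. On such a build a `total` above MRB_INT_MAX now passes the debug check and is silently truncated by STR_SET_LEN, whereas the replaced `mrb_assert(total <= MRB_INT_MAX);` rejected it. Unless the macro is changed to handle the equal-width unsigned-to-signed case, this site should keep the direct check, `mrb_assert(total <= MRB_INT_MAX);`. Where `total` is computed, and whether callers bound `len` before reaching here, is outside the hunk.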

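--- a/src/symbol.c
+++ b/src/symbol.c
@@ -401,7 +401,7 @@ sym_inspect(mrb_state *mrb, mrb_value sym)
 sp = RSTRING_PTR(str);
 RSTRING_PTR(str)[0] = ':';
 memcpy(sp+1, name, len);
-mrb_assert(len > 0 && (size_t)len <= SIZE_MAX);
+mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);
 if (!symname_p(name) || strlen(name) != (size_t)len) {
 str = mrb_str_dump(mrb, str);
 sp = RSTRING_PTR(str);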
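Review bot: The new assertion is placed one line after `memcpy(sp+1, name, len);` has already consumed `len` as a size, so a negative value would be converted and copied before the debug check ever runs; the check only guards the `(size_t)len` cast in the following `if`. Move it ahead of the copy, `mrb_assert_int_fit(mrb_int, len, size_t, SIZE_MAX);` then `memcpy(sp+1, name, len);`, so it protects both uses. Separately, the replaced line also asserted `len > 0`; if an empty symbol name is not expected in sym_inspect, that condition should be kept rather than relaxed to `>= 0`. Where `len` and `name` are obtained is outside the hunk.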
