Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
mercurial.11266
hg-mpatch-fix04.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File hg-mpatch-fix04.patch of Package mercurial.11266
# HG changeset patch # User Augie Fackler <augie@google.com> # Date 1525140822 14400 # Node ID 1ec4cb8cbc87004ffbeeb1b5d98acef04c38d59a # Parent faa924469635512b72868b1552a1866a0f91db20 mpatch: introduce a safeadd() helper to work around UB int overflow We're about to make extensive use of this. This change duplicates some stdbool.h portability hacks from cext/util.h. We should probably clean that up in the future, but we'll skip that for now in order to make security backports easier. --- mercurial/mpatch.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) --- a/mercurial/mpatch.c +++ b/mercurial/mpatch.c @@ -22,11 +22,21 @@ #define PY_SSIZE_T_CLEAN #include <Python.h> +#include <limits.h> #include <stdlib.h> #include <string.h> #include "util.h" +/* VC9 doesn't include bool and lacks stdbool.h based on cext/util.h */ +#if defined(_MSC_VER) || __STDC_VERSION__ < 199901L +#define true 1 +#define false 0 +typedef unsigned char bool; +#else +#include <stdbool.h> +#endif + static char mpatch_doc[] = "Efficient binary patching."; static PyObject *mpatch_Error; @@ -74,6 +84,24 @@ static Py_ssize_t lsize(struct flist *a) return a->tail - a->head; } +/* add helper to add src and *dest iff it won't overflow */ +static inline bool safeadd(int src, int *dest) +{ + if ((src > 0) == (*dest > 0)) { + if (*dest > 0) { + if (src > (INT_MAX - *dest)) { + return false; + } + } else { + if (src < (INT_MIN - *dest)) { + return false; + } + } + } + *dest += src; + return true; +} + /* move hunks in source that are less cut to dest, compensating for changes in offset. the last hunk may be split if necessary. */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor