From: Paul Eggert Date: Thu, 6 Jul 2017 01:58:11 +0000 (-0700) Subject: Check for integer overflow in xbm images X-Git-Tag: emacs-26.0.90~520^2~2 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=018600f896fbed768e583f6b8ee7fbae713367d1;p=emacs.git Check for integer overflow in xbm images * src/image.c (XBM_TK_OVERFLOW): New constant. (xbm_scan): Check for integer overflow instead of relying on undefined behavior. Check that octal digits are actually octal. --- diff --git a/src/image.c b/src/image.c index 6b748ba2af6..91749fb8733 100644 --- a/src/image.c +++ b/src/image.c @@ -2444,7 +2444,8 @@ static struct image_type xbm_type = enum xbm_token { XBM_TK_IDENT = 256, - XBM_TK_NUMBER + XBM_TK_NUMBER, + XBM_TK_OVERFLOW }; @@ -2586,6 +2587,7 @@ xbm_scan (char **s, char *end, char *sval, int *ival) else if (c_isdigit (c)) { int value = 0, digit; + bool overflow = false; if (c == '0' && *s < end) { @@ -2598,15 +2600,19 @@ xbm_scan (char **s, char *end, char *sval, int *ival) digit = char_hexdigit (c); if (digit < 0) break; - value = 16 * value + digit; + overflow |= INT_MULTIPLY_WRAPV (value, 16, &value); + value += digit; } } - else if (c_isdigit (c)) + else if ('0' <= c && c <= '7') { value = c - '0'; while (*s < end - && (c = *(*s)++, c_isdigit (c))) - value = 8 * value + c - '0'; + && (c = *(*s)++, '0' <= c && c <= '7')) + { + overflow |= INT_MULTIPLY_WRAPV (value, 8, &value); + value += c - '0'; + } } } else @@ -2614,13 +2620,16 @@ xbm_scan (char **s, char *end, char *sval, int *ival) value = c - '0'; while (*s < end && (c = *(*s)++, c_isdigit (c))) - value = 10 * value + c - '0'; + { + overflow |= INT_MULTIPLY_WRAPV (value, 10, &value); + overflow |= INT_ADD_WRAPV (value, c - '0', &value); + } } if (*s < end) *s = *s - 1; *ival = value; - return XBM_TK_NUMBER; + return overflow ? XBM_TK_OVERFLOW : XBM_TK_NUMBER; } else if (c_isalpha (c) || c == '_') {