[xiph-commits] r3889 - liboggz/trunk/src/liboggz

conrad at svn.annodex.net conrad at svn.annodex.net
Thu Mar 19 06:12:24 PDT 2009 

Author: conrad
Date: 2009-03-19 06:12:24 -0700 (Thu, 19 Mar 2009)
New Revision: 3889

Modified:
   liboggz/trunk/src/liboggz/oggz_comments.c
Log:
clamp comment lengths  to fit within 32 bits (including trailing NUL)
port from libfishsound

Modified: liboggz/trunk/src/liboggz/oggz_comments.c
===================================================================
--- liboggz/trunk/src/liboggz/oggz_comments.c	2009-03-19 07:44:41 UTC (rev 3888)
+++ liboggz/trunk/src/liboggz/oggz_comments.c	2009-03-19 13:12:24 UTC (rev 3889)
@@ -53,9 +53,12 @@
 #define strcasecmp _stricmp
 #endif
 
+/* Ensure comment vector length can be expressed in 32 bits
+ * including space for the trailing NUL */
+#define MAX_COMMENT_LENGTH 0xFFFFFFFE
+#define oggz_comment_clamp(c) MIN((c),MAX_COMMENT_LENGTH)
 
-/* Ensure comment vector length can be expressed in 32 bits */
-static unsigned long
+static size_t
 oggz_comment_len (const char * s)
 {
   size_t len;
@@ -63,7 +66,7 @@
   if (s == NULL) return 0;
 
   len = strlen (s);
-  return (unsigned long) MIN(len, 0xFFFFFFFF);
+  return oggz_comment_clamp(len);
 }
 
 static char *
@@ -78,11 +81,12 @@
 }
 
 static char *
-oggz_strdup_len (const char * s, int len)
+oggz_strdup_len (const char * s, size_t len)
 {
   char * ret;
   if (s == NULL) return NULL;
   if (len == 0) return NULL;
+  len = oggz_comment_clamp(len);
   ret = oggz_malloc (len + 1);
   if (!ret) return NULL;
   if (strncpy (ret, s, len) == NULL) {
@@ -527,7 +531,8 @@
 {
    oggz_stream_t * stream;
    char *c= (char *)comments;
-   int len, i, nb_fields, n;
+   int i, nb_fields, n;
+   size_t len;
    char *end;
    char * name, * value, * nvalue = NULL;
    OggzComment * comment;
@@ -537,10 +542,9 @@
 
    end = c+length;
    len=readint(c, 0);
-   if (len<0) return -1;
 
    c+=4;
-   if (len>end-c) return -1;
+   if (len>(size_t)(end-c)) return -1;
 
    stream = oggz_get_stream (oggz, serialno);
    if (stream == NULL) return OGGZ_ERR_BAD_SERIALNO;
@@ -565,10 +569,9 @@
       if (c+4>end) return -1;
 
       len=readint(c, 0);
-      if (len<0) return -1;
 
       c+=4;
-      if (len>end-c) return -1;
+      if (len>(size_t)(end-c)) return -1;
 
       name = c;
       value = oggz_index_len (c, '=', len);

More information about the commits mailing list