From: nhkeni Date: Thu, 17 Mar 2022 22:10:38 +0000 (-0400) Subject: Add FITSint() and FITSuint(), X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7dba4f1236b02b055957190f5ea08c1f27e2d811;p=nethack Add FITSint() and FITSuint(), which cast long long to int while panicking on overflow --- diff --git a/include/extern.h b/include/extern.h index b9a301707..7e3ee500a 100644 --- a/include/extern.h +++ b/include/extern.h @@ -889,7 +889,7 @@ extern void reveal_paths(void); extern boolean read_tribute(const char *, const char *, int, char *, int, unsigned); extern boolean Death_quote(char *, int); -extern void livelog_add(long, const char *); +extern void livelog_add(long ll_type, const char *); /* ### fountain.c ### */ @@ -1031,6 +1031,10 @@ extern void shuffle_int_array(int *, int); nh_snprintf(__func__, __LINE__, str, size, __VA_ARGS__) extern void nh_snprintf(const char *func, int line, char *str, size_t size, const char *fmt, ...) PRINTF_F(5, 6); +#define FITSint(x) FITSint_(x, __func__, __LINE__) +extern int FITSint_(long long, const char *, int); +#define FITSuint(x) FITSuint_(x, __func__, __LINE__) +extern unsigned FITSuint_(unsigned long long, const char *, int); /* ### insight.c ### */ diff --git a/src/alloc.c b/src/alloc.c index 416680c9f..c4642d9ed 100644 --- a/src/alloc.c +++ b/src/alloc.c @@ -8,6 +8,10 @@ /* since this file is also used in auxiliary programs, don't include all the function declarations for all of nethack */ #define EXTERN_H /* comment line for pre-compiled headers */ +/* but we need this one */ +#define FITSuint(x) FITSuint_(x, __func__, __LINE__) +extern unsigned FITSuint_(unsigned long long, const char *, int); + #include "config.h" char *fmt_ptr(const genericptr); @@ -147,7 +151,8 @@ nhdupstr(const char *string, const char *file, int line) char * dupstr(const char *string) { - return strcpy((char *) alloc(strlen(string) + 1), string); + unsigned len = FITSuint(strlen(string)); + return strcpy((char *) alloc(len + 1), string); } /* similar for reasonable size strings, but return the length of the input as well */ diff --git a/src/botl.c b/src/botl.c index 431d295cf..a7d571285 100644 --- a/src/botl.c +++ b/src/botl.c @@ -1039,8 +1039,7 @@ menualpha_cmp(const genericptr vptr1, const genericptr vptr2) int parse_cond_option(boolean negated, char *opts) { - int i; - size_t sl; + int i, sl; const char *compareto, *uniqpart, prefix[] = "cond_"; if (!opts || strlen(opts) <= sizeof prefix - 1) diff --git a/src/dlb.c b/src/dlb.c index 642951fc5..c52f286f9 100644 --- a/src/dlb.c +++ b/src/dlb.c @@ -36,6 +36,10 @@ char dlbfilename[MAX_DLB_FILENAME]; /* without extern.h via hack.h, these haven't been declared for us */ extern FILE *fopen_datafile(const char *, const char *, int); +#define FITSuint(x) FITSuint_((x), __func__, __LINE__) +/* implementation will be in either dlb_main.c or the core */ +extern unsigned FITSuint_(unsigned long long, const char *, int); + #ifdef DLBLIB /* @@ -132,8 +136,8 @@ readlibdir(library *lp) /* library pointer to fill in */ if (lp->rev > DLB_MAX_VERS || lp->rev < DLB_MIN_VERS) return FALSE; - lp->dir = (libdir *) alloc(lp->nentries * sizeof(libdir)); - lp->sspace = (char *) alloc(lp->strsize); + lp->dir = (libdir *) alloc(FITSuint(lp->nentries * sizeof(libdir))); + lp->sspace = (char *) alloc(FITSuint(lp->strsize)); /* read in each directory entry */ for (i = 0, sp = lp->sspace; i < lp->nentries; i++) { diff --git a/src/hacklib.c b/src/hacklib.c index 4ed7ab8ef..dd55fa0f2 100644 --- a/src/hacklib.c +++ b/src/hacklib.c @@ -1360,4 +1360,21 @@ nh_snprintf( RESTORE_WARNING_FORMAT_NONLITERAL +/* cast to int or panic on overflow; use via macro */ +int +FITSint_(lua_Integer i, const char *file, int line){ + int ret = (int)i; + if (ret != i) + panic("Overflow at %s:%d", file, line); + return (int)i; +} + +unsigned +FITSuint_(unsigned long long i, const char *file, int line){ + unsigned ret = (unsigned)i; + if (ret != i) + panic("Overflow at %s:%d", file, line); + return (unsigned)i; +} + /*hacklib.c*/ diff --git a/src/nhlua.c b/src/nhlua.c index e7f813ffb..1faef20bf 100644 --- a/src/nhlua.c +++ b/src/nhlua.c @@ -1399,7 +1399,7 @@ nhl_loadlua(lua_State *L, const char *fname) dlb_fseek(fh, 0L, SEEK_SET); /* extra +1: room to add final '\n' if missing */ - buf = bufout = (char *) alloc(buflen + 1 + 1); + buf = bufout = (char *) alloc(FITSint(buflen + 1 + 1)); buf[0] = '\0'; bufin = bufout = buf; @@ -1416,7 +1416,7 @@ nhl_loadlua(lua_State *L, const char *fname) * in use, and fseek(SEEK_END) only yields an upper bound on * the actual amount of data in that situation.] */ - if ((cnt = dlb_fread(bufin, 1, min(buflen, LOADCHUNKSIZE), fh)) < 0L) + if ((cnt = dlb_fread(bufin, 1, min((int)buflen, LOADCHUNKSIZE), fh)) < 0L) break; buflen -= cnt; /* set up for next iteration, if any */ if (cnt == 0L) { diff --git a/src/options.c b/src/options.c index 863997653..7f16db876 100644 --- a/src/options.c +++ b/src/options.c @@ -6697,7 +6697,6 @@ msgtype_parse_add(char *str) for (i = 0; i < SIZE(msgtype_names); i++) if (streq(msgtype_names[i].name, msgtype, TRUE)) { - //if (!strncmpi(msgtype_names[i].name, msgtype, strlen(msgtype))) { typ = msgtype_names[i].msgtyp; break; } @@ -8468,7 +8467,8 @@ set_option_mod_status(const char *optnam, int status) return; } for (k = 0; allopt[k].name; k++) { - if (!strncmpi(allopt[k].name, optnam, strlen(optnam))) { + if (streq(allopt[k].name, optnam, TRUE)) { + //if (!strncmpi(allopt[k].name, optnam, strlen(optnam))) { allopt[k].setwhere = status; return; } diff --git a/util/dlb_main.c b/util/dlb_main.c index cb523078a..204690e4f 100644 --- a/util/dlb_main.c +++ b/util/dlb_main.c @@ -17,6 +17,7 @@ static void xexit(int) NORETURN; char *eos(char *); /* also used by dlb.c */ FILE *fopen_datafile(const char *, const char *); +unsigned FITSuint_(unsigned long long, const char *, int); #ifdef DLB #ifdef DLBLIB @@ -543,4 +544,14 @@ xexit(int retcd) /*NOTREACHED*/ } + /* In hacklib.c, but we don't have that and it calls panic() */ +unsigned +FITSuint_(unsigned long long i, const char *file, int line){ + unsigned ret = (unsigned)i; + if (ret != i) { + printf("Overflow at %s:%d\n", file, line); + xexit(EXIT_FAILURE); + } + return (unsigned)i; +} /*dlb_main.c*/ diff --git a/util/makedefs.c b/util/makedefs.c index d906262fb..29355cf6e 100644 --- a/util/makedefs.c +++ b/util/makedefs.c @@ -171,6 +171,8 @@ static boolean use_enum = TRUE; extern unsigned _stklen = STKSIZ; #endif +unsigned FITSuint_(unsigned long long, const char *, int); + /* * Some of the routines in this source file were moved into .../src/mdlib * to facilitate the use of a cross-compiler generation of some of the @@ -2349,4 +2351,14 @@ struct attribs attrmax, attrmin; #endif #endif /* STRICT_REF_DEF */ +/* In hacklib.c, but we don't have that and it calls panic() */ +unsigned +FITSuint_(unsigned long long i, const char *file, int line){ +unsigned ret = (unsigned)i; +if (ret != i) { + Fprintf(stdout, "Overflow at %s:%d\n", file, line); + makedefs_exit(EXIT_FAILURE); +} +return (unsigned)i; +} /*makedefs.c*/