maint: convert some overflow checks to ckd_add and ckd_mul

* src/csplit.c (parse_repeat_count): Prefer ckd_add when checking for
overflows.
* src/install.c (get_ids): Likewise.
* src/shred.c (dopass): Likewise.
* src/tr.c (get_spec_stats): Likewise.
* src/sort.c (specify_sort_size): Prefer ckd_mul when checking for
overflows.

diff --git a/src/csplit.c b/src/csplit.c
index d2a928ae69ea1e4031bbc725018245528c21f5f4..f3fccfcd5da754b6ad7d1c3290dbe748cdbf1246 100644 (file)
--- a/src/csplit.c
+++ b/src/csplit.c
@@ -1063,13 +1063,12 @@ parse_repeat_count (int argnum, struct control *p, char *str)
     {
       uintmax_t val;
       if (xstrtoumax (str + 1, nullptr, 10, &val, "") != LONGINT_OK
-          || INTMAX_MAX < val)
+          || ckd_add (&p->repeat, val, 0))
         {
           error (EXIT_FAILURE, 0,
                  _("%s}: integer required between '{' and '}'"),
                  quote (global_argv[argnum]));
         }
-      p->repeat = val;
     }
 
   *end = '}';

diff --git a/src/install.c b/src/install.c
index f8a8140254a4c56e8c34d7b593e83d188713c469..43c7729affdbe7f224f7493405801a3991e6b3d7 100644 (file)
--- a/src/install.c
+++ b/src/install.c
@@ -535,10 +535,9 @@ get_ids (void)
         {
           uintmax_t tmp;
           if (xstrtoumax (owner_name, nullptr, 0, &tmp, "") != LONGINT_OK
-              || UID_T_MAX < tmp)
+              || ckd_add (&owner_id, tmp, 0))
             error (EXIT_FAILURE, 0, _("invalid user %s"),
                    quoteaf (owner_name));
-          owner_id = tmp;
         }
       else
         owner_id = pw->pw_uid;
@@ -554,10 +553,9 @@ get_ids (void)
         {
           uintmax_t tmp;
           if (xstrtoumax (group_name, nullptr, 0, &tmp, "") != LONGINT_OK
-              || GID_T_MAX < tmp)
+              || ckd_add (&group_id, tmp, 0))
             error (EXIT_FAILURE, 0, _("invalid group %s"),
                    quoteaf (group_name));
-          group_id = tmp;
         }
       else
         group_id = gr->gr_gid;

diff --git a/src/shred.c b/src/shred.c
index cf782f16eb262d6f077fcce99d5f62702a4f52b7..f2af243980069ab9d477787c6cac97a645c20f8d 100644 (file)
--- a/src/shred.c
+++ b/src/shred.c
@@ -529,15 +529,13 @@ dopass (int fd, struct stat const *st, char const *qname, off_t *sizep,
 
       /* Okay, we have written "soff" bytes. */
 
-      if (OFF_T_MAX - offset < soff)
+      if (ckd_add (&offset, offset, soff))
         {
           error (0, 0, _("%s: file too large"), qname);
           other_error = true;
           goto free_pattern_mem;
         }
 
-      offset += soff;
-
       bool done = offset == size;
 
       /* Time to print progress? */

diff --git a/src/sort.c b/src/sort.c
index 0212695b130d3677342e800c8fd08c7d3dca3b64..077abf37b185dfe5a171e7f1858c18ae9d6456da 100644 (file)
--- a/src/sort.c
+++ b/src/sort.c
@@ -1389,13 +1389,8 @@ specify_sort_size (int oi, char c, char const *s)
   enum strtol_error e = xstrtoumax (s, &suffix, 10, &n, "EgGkKmMPQRtTYZ");
 
   /* The default unit is KiB.  */
-  if (e == LONGINT_OK && c_isdigit (suffix[-1]))
-    {
-      if (n <= UINTMAX_MAX / 1024)
-        n *= 1024;
-      else
-        e = LONGINT_OVERFLOW;
-    }
+  if (e == LONGINT_OK && c_isdigit (suffix[-1]) && ckd_mul (&n, n, 1024))
+    e = LONGINT_OVERFLOW;
 
   /* A 'b' suffix means bytes; a '%' suffix means percent of memory.  */
   if (e == LONGINT_INVALID_SUFFIX_CHAR && c_isdigit (suffix[-1]) && ! suffix[1])

diff --git a/src/tr.c b/src/tr.c
index f172ced86d41f3fbeafffea9dba574c478d1dc45..26776395f57971403df5a07eab7e54d804872b22 100644 (file)
--- a/src/tr.c
+++ b/src/tr.c
@@ -1244,7 +1244,6 @@ get_spec_stats (struct Spec_list *s)
   for (p = s->head->next; p; p = p->next)
     {
       count len = 0;
-      count new_length;
 
       switch (p->type)
         {
@@ -1298,10 +1297,8 @@ get_spec_stats (struct Spec_list *s)
          any length greater than the maximum repeat count, in case the
          length is later used to compute the repeat count for an
          indefinite element.  */
-      new_length = length + len;
-      if (! (length <= new_length && new_length <= REPEAT_COUNT_MAXIMUM))
+      if (ckd_add (&length, length, len) || REPEAT_COUNT_MAXIMUM < length)
         error (EXIT_FAILURE, 0, _("too many characters in set"));
-      length = new_length;
     }
 
   s->length = length;