From: Timo Sirainen
Date: Wed, 20 May 2020 08:18:48 +0000 (+0300)
Subject: lib: array - Make sure it assert-crashes if trying to add more than UINT_MAX elements
X-Git-Tag: 2.3.14.rc1~102
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0732cea98a5d86714b100e75379f6e8a6408576a;p=thirdparty%2Fdovecot%2Fcore.git

lib: array - Make sure it assert-crashes if trying to add more than UINT_MAX elements

This is required, because array_count() returns unsigned int.
---

diff --git a/src/lib/array.h b/src/lib/array.h
index eef813f322..85eca3a1a8 100644
--- a/src/lib/array.h
+++ b/src/lib/array.h
@@ -126,7 +126,9 @@ array_create_i(struct array *array, pool_t pool,
 {
 buffer_t *buffer;
 
- buffer = buffer_create_dynamic(pool, init_count * element_size);
+ buffer = buffer_create_dynamic_max(pool, init_count * element_size,
+ SIZE_MAX / element_size < UINT_MAX ? SIZE_MAX :
+ UINT_MAX * element_size);
 array_create_from_buffer_i(array, buffer, element_size);
 }
 #define array_create(array, pool, element_size, init_count) \
diff --git a/src/lib/test-array.c b/src/lib/test-array.c
index 1799487ddd..99085304b7 100644
--- a/src/lib/test-array.c
+++ b/src/lib/test-array.c
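Review bot: The cap expression passed as the third argument of `buffer_create_dynamic_max()` in the array.h hunk has no comment explaining it, and it divides by `element_size` with no guard visible in the hunk. A zero `element_size` would be a division by zero here; if callers can never pass zero, an `i_assert(element_size > 0);` before the call would record that assumption. I would also add a comment above the call such as `/* cap the buffer at UINT_MAX elements, because array_count() returns unsigned int */`, since the reason currently lives only in the commit message. The arithmetic assumes `element_size` is a `size_t`, which is presumably the case but the signature of `array_create_i()` begins outside the hunk; arrays wrapped around an existing buffer through `array_create_from_buffer_i()` do not get this limit from this change.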
@@ -361,6 +361,30 @@ enum fatal_test_state fatal_array(unsigned int stage)
 array_copy(&ad.arr, 1, &as.arr, 0, 4);
 return FATAL_TEST_FAILURE;
 }
+ case 3: {
+ ARRAY(uint8_t) arr;
+ uint8_t value = 0;
+
+ t_array_init(&arr, 2);
+ array_push_back(&arr, &value);
+ test_expect_fatal_string("Buffer write out of range");
+ /* this is supposed to assert-crash before it even attempts to
+ access value */
+ array_append(&arr, &value, UINT_MAX);
+ return FATAL_TEST_FAILURE;
+ }
+ case 4: {
+ ARRAY(uint32_t) arr;
+ uint32_t value = 0;
+
+ t_array_init(&arr, 2);
+ array_push_back(&arr, &value);
+ test_expect_fatal_string("Buffer write out of range");
+ /* this is supposed to assert-crash before it even attempts to
+ access value */
+ array_append(&arr, &value, UINT_MAX);
+ return FATAL_TEST_FAILURE;
+ }
 }
 test_end();
 /* Forces the compiler to check the value of useless_ptr, so that it
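Review bot: Cases 3 and 4 of `fatal_array()` repeat the same body and differ only in the element type, so a small helper macro taking the type would keep the two from drifting apart. The comment in both would be clearer if it said why the order matters, for example `/* &value holds one element; the size check must fire before any of the UINT_MAX elements are read */`. Where `size_t` is 32 bits wide, case 4 presumably takes the `SIZE_MAX` branch of the new cap in array.h, so it is worth confirming that the same "Buffer write out of range" message is produced on that path. The body of `fatal_array()` begins outside the hunk.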