From: Stephan Bosch
Date: Sat, 18 Nov 2017 18:06:55 +0000 (+0100)
Subject: lib: path-util: Made assertions in path_normalize() more reliable and less confusing...
X-Git-Tag: 2.3.0.rc1~432
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1c8b68cab18b2104728e7cef78d923f234f7858d;p=thirdparty%2Fdovecot%2Fcore.git

lib: path-util: Made assertions in path_normalize() more reliable and less confusing to static analyzer.
---
diff --git a/src/lib/path-util.c b/src/lib/path-util.c
index 5f25832b62..ac192b2769 100644
--- a/src/lib/path-util.c
+++ b/src/lib/path-util.c
@@ -89,7 +89,8 @@ static int path_normalize(const char *path, bool resolve_links,
 } else {
 /* make sure npath now ends in slash */
 if (*(npath_pos-1) != '/') {
- i_assert(npath_pos + 1 < npath + asize);
+ i_assert(npath_pos >= npath);
+ i_assert((size_t)((npath_pos - npath) + 1) < asize);
 *(npath_pos++) = '/';
 }
@@ -102,7 +103,8 @@ static int path_normalize(const char *path, bool resolve_links,
 }
 /* copy segment to normalized path */
- i_assert((npath_pos + seglen) < (npath + asize));
+ i_assert(npath_pos >= npath);
+ i_assert((size_t)((npath_pos - npath) + seglen) < asize);
 memmove(npath_pos, p, seglen);
 npath_pos += seglen;
 }
@@ -146,6 +148,8 @@ static int path_normalize(const char *path, bool resolve_links,
 if (ltlen > 0) {
 /* preserve tail just after end of npath */
+ i_assert(npath_pos >= npath);
+ i_assert((size_t)((npath_pos + 1 - npath) + ltlen) < asize);
 memmove(npath_pos + 1, segend, ltlen);
 }
@@ -153,7 +157,8 @@ static int path_normalize(const char *path, bool resolve_links,
 for (;;) {
 npath_link = (npath_pos + 1) + ltlen;
- i_assert(npath_link + lsize < npath + asize);
+ i_assert(npath_link >= npath_pos);
+ i_assert((size_t)((npath_link - npath) + lsize) < asize);
 /* attempt to read the link */
 if ((ret=readlink(npath, npath_link, lsize)) < 0) {
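Review bot: In the first hunk the new `i_assert(npath_pos >= npath);` runs only after `if (*(npath_pos-1) != '/')` has already read the byte before npath_pos, and `>=` still admits npath_pos == npath, for which that read is out of bounds; if the surrounding logic guarantees a non-empty npath at this point, `i_assert(npath_pos > npath);` placed before the `if` would both document that and guard the read. The same pair, a lower-bound check followed by `(size_t)((npath_pos - npath) + ...) < asize`, is repeated in the other five hunks of this commit; a small `static inline` helper that returns the used length and asserts the lower bound inside it would name the invariant once and keep the six sites from drifting apart. path_normalize() starts and ends outside the hunk.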
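Review bot: In the readlink loop hunk the lower-bound check is `i_assert(npath_link >= npath_pos);`, whereas every other site in this commit, including the check added right after the loop in the next hunk, asserts against `npath`; the quantity cast to size_t on the following line is `npath_link - npath`, so `npath_pos` is not the bound that cast depends on. Because `npath_link = (npath_pos + 1) + ltlen;` is assigned on the preceding line, `npath_link >= npath_pos` holds by construction and documents nothing. Suggest `i_assert(npath_link >= npath);` here for consistency. The loop body continues outside the hunk.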
@@ -190,11 +195,14 @@ static int path_normalize(const char *path, bool resolve_links,
 }
 /* add tail of previous path at end of symlink */
+ i_assert(npath_link >= npath);
 if (ltlen > 0) {
- i_assert(npath_pos + 1 + tlen < npath + asize);
+ i_assert(npath_pos >= npath);
+ i_assert((size_t)((npath_pos - npath) + 1 + tlen) < asize);
+ i_assert((size_t)((npath_link - npath) + ret + tlen) < asize);
 memcpy(npath_link + ret, npath_pos + 1, tlen);
 } else {
- i_assert(segend + tlen < npath + asize);
+ i_assert((size_t)((npath_link - npath) + ret + tlen) < asize);
 memcpy(npath_link + ret, segend, tlen);
 }
 *(npath_link+ret+tlen) = '\0';
@@ -225,7 +233,8 @@ static int path_normalize(const char *path, bool resolve_links,
 p = segend;
 }
- i_assert(npath_pos < npath + asize);
+ i_assert(npath_pos >= npath);
+ i_assert((size_t)(npath_pos - npath) < asize);
 /* remove any trailing slash */
 if (npath_pos > npath + 1 && *(npath_pos-1) == '/')
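Review bot: The `i_assert((size_t)((npath_link - npath) + ret + tlen) < asize);` added to both branches of `if (ltlen > 0)` is identical in each, so it can be hoisted above the `if` next to the new `i_assert(npath_link >= npath);`, leaving only the `npath_pos` bound inside the first branch. That one assertion is also what makes the `*(npath_link+ret+tlen) = '\0';` terminator write below safe, since readlink() does not NUL-terminate its output, and a comment such as `/* readlink() does not NUL-terminate; the bound must also cover the '\0' written after the tail */` would explain why the comparison is strict. The enclosing loop and the readlink() call that produces `ret` are outside this hunk.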