Jim Meyering [Tue, 14 Oct 2003 09:09:43 +0000 (09:09 +0000)]
Fix to avoid a denial-of-service attack if the display width is
enormous. Also, clean up the code a bit by removing duplicate code.
(init_column_info): Remove forward decl; no longer needed.
(calculate_columns): New function, that contains code that used
to be common to print_many_per_line and print_horizontal.
(print_many_per_line, print_horizontal): Use it.
(decode_switches): Set max_idx here, not in calculate_columns.
(print_current_files): Don't call init_column_info; calculate_columns
now does that.
(init_column_info): Don't allocate a lot more space than is needed
to represent the current set of files. Allocate all the new
size_t cells in one call to xnmalloc, rather than a row at a time.
Jim Meyering [Mon, 13 Oct 2003 15:16:27 +0000 (15:16 +0000)]
(struct bin_str.len, length_of_file_name_and_frills, indent,
nfiles, files_index, tabsize, line_length, struct column_info.line_len,
struct column_info.col_arr[0], max_idx):
Now size_t, not int.
(get_funky_string): Return bool indicating success, instead of
a negative count to indicate failure. Store number of columns
through new parameter OUTPUT_COUNT; that way, they can never
go negative. Change equals_end from int to bool. All uses
changed.
(struct column_info.valid_len): Now bool, not int. All uses changed.
(dired_dump_obstack, get_funky_string, clear_files,
extract_dirs_from_files, print_current_files,
print_many_per_line, print_horizontal, init_column_info,
put_indicator, length_of_file_name_and_frills,
print_with_commas): Use size_t, not int, for local variables
that count sizes.
(decode_switches): Decode sizes using xstrtoul, not xstrtol.
Check for TIOCGWINSZ returing negative values (or values greater
than SIZE_MAX!).
(visit_dir, main, parse_ls_color, queue_directory, add_ignore_pattern,
init_column_info):
Use xmalloc and xnmalloc, not XMALLOC.
(gobble_file): Use xnrealloc, not XREALLOC.
(print_color_indicator): Remove now-unnecessary cast to size_t.
Jim Meyering [Wed, 8 Oct 2003 17:54:19 +0000 (17:54 +0000)]
csplit cleanup.
Be more careful about int widths. For example, remove some
arbitrary limits by replacing 'unsigned' with 'size_t',
'uintmax_t', etc. Use standard bool rather than a homegrown type.
(FALSE, TRUE, boolean): Remove. All uses changed
to <stdbool.h> usage.
(struct control): offset is now intmax_t, not int.
repeat_forever is now bool, not int.
(struct cstring): len is now size_t, not unsigned int.
(struct buffer_record): bytes_alloc, bytes_used, num_lines are now
size_t, not unsigned. start_line, first_available are now
uintmax_t, not unsigned.
(hold_count, control_used): Now size_t, not unsigned.
(last_line_number, current_line, bytes_written):
Now uintmax_t, not unsigned.
(save_to_hold_area, red_input, keep_new_line, record_line_starts,
create_new_buffer, get_new_buffer, load_buffer, find_line,
process_regexp, split_file, new_control_record, extract_regexp,
get_format_width, get_format_prec, max_out):
size args, locals, and returned values are now size_t, not unsigned
or int.
(get_first_line_in_buffer, find_line, write_to_file,
handle_line_error, process_line_count, regexp_error, process_regexp,
split_file):
File line, byte, and repetition counts are now uintmax_t, not unsigned.
(check_for_offset): Don't require a sign before the offset.
Use xstrtoimax to do the real work.
(extract_regexp): Remove harmful cast of size to unsigned.
256 -> 1<<CHAR_BIT, for clarity.
(get_format_flags): Return at most 3, to avoid worries about overflow.
(bytes_to_octal_digits): Remove.
(cleanup): Don't check whether output_stream is NULL, since
close_output_file does that for us.
(new_line_control, create_new_buffer): Use "foo *p = xmalloc
(sizeof *p);" instead of the more long-winded alternatives.
(get_new_buffer): Use O(1) algorithm for resizing a buffer
to a much larger size, instead of an O(N) algorithm.
(process_regexp): Use plain NULL rather than casted 0.
(make_filename): Use %u, not %d, to format unsigned file number.
(new_control_record): Use xrealloc exclusively, since it handles
NULL reliably,
(extract_regexp): Change misspelled word in diagnostic.
(get_format_width): Even if a minimum field width is specified,
allow room for enough octal digits to represent the value of
the maximum representible integer. This fixes a potential
buffer overrun. Calculate this room at compile-time, not
at run-time; this removes the need for bytes_to_octal_digits.
Check for overflow; this removes a FIXME.
(get_format_prec): Don't allow precision to be signed; it's
not ANSI. Check for overflow. Remove hardcoded "11" as
default precision; this fixes a potential buffer overrun
on hosts with wider size_t.
(get_format_conv_type): Change local variable to be of type
unsigned char, not int; this removes a potential subscript
violation on hosts where char is signed.
(max_out): Replace "for (;*p;)" with more-standard "while (*p)".
Allow "%%" in format. Don't overflow when
counting lots of percents.
Jim Meyering [Thu, 2 Oct 2003 17:33:54 +0000 (17:33 +0000)]
Don't require that the maximum length of a file name
encountered in a traversal fit in an `unsigned short',
and fix some portability bugs (don't depend on gcc).
Include "fts_.h", not <fts.h>.
(ALIGNBYTES) [!(__GNUC__ >= 2)]: Add a definition that works with
compilers that don't have __alignof__.
(MAX): Use a definition that doesn't depend on gcc.
(fts_build): Make `len' and `maxlen' be of type size_t, not int.
Test for overflow in a less type-dependent manner.
Test HAVE_STRUCT_DIRENT_D_TYPE, rather than
defined DT_DIR && defined _DIRENT_HAVE_D_TYPE.
(fts_palloc): Test for overflow in a less type-dependent manner.
(fts_safe_changedir): Use stat, not stat64.
Use fstat, not __fxstat64(_STAT_VER.
Jim Meyering [Thu, 2 Oct 2003 17:33:42 +0000 (17:33 +0000)]
Don't require that the maximum length of a file name
encountered in a traversal fit in an `unsigned short',
and fix some portability bugs (don't depend on gcc).
[FTS] (fts_pathlen): Change type from int to size_t.
[FTSENT] (fts_pathlen): Change type from u_short to size_t.
(fts_level): Change type from u_short to int.
Jim Meyering [Wed, 1 Oct 2003 08:09:02 +0000 (08:09 +0000)]
(print_news_deltas): New function, extracted from main.
(main): Make `news_file' an array.
Use '...=s' => \@var for --news and --url-directory specs.
Before there were a couple of problems.
projects / thirdparty / coreutils.git / log
