From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <nickc@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2124)
 id 600523864877; Fri, 30 Jun 2023 12:54:41 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 600523864877
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Nick Clifton <nickc@sourceware.org>
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] strings: Improve code to detect excessively large
 minimum string lengths.
X-Act-Checkin: binutils-gdb
X-Git-Author: Nick Clifton <nickc@redhat.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 0d1cd7d97835941c046dbb7ec1c83bc7c05779e6
X-Git-Newrev: 3713e829be7e0195a78de17282304bebf8746b67
Message-Id: <20230630125441.600523864877@sourceware.org>
Date: Fri, 30 Jun 2023 12:54:41 +0000 (GMT)
X-BeenThere: binutils-cvs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Binutils-cvs mailing list <binutils-cvs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils-cvs/>
List-Help: <mailto:binutils-cvs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jun 2023 12:54:41 -0000

https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3D3713e829be7e=
0195a78de17282304bebf8746b67

commit 3713e829be7e0195a78de17282304bebf8746b67
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Jun 30 13:54:03 2023 +0100

    strings: Improve code to detect excessively large minimum string length=
s.
   =20
      PR 30598
      * strings.c (set_string_min): New function. (main): Use it. (print_un=
icode_stream): Calculate buffer size using a size_t.

Diff:
---
 binutils/ChangeLog |  7 +++++++
 binutils/strings.c | 48 ++++++++++++++++++++++++++++++------------------
 2 files changed, 37 insertions(+), 18 deletions(-)

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index f06aba238bb..bfbba8f6ee9 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,10 @@
+2023-06-30  Nick Clifton  <nickc@redhat.com>
+
+	PR 30598
+	* strings.c (set_string_min): New function.
+	(main): Use it.
+	(print_unicode_stream): Calculate buffer size using a size_t.
+
 2023-06-30  Nick Clifton  <nickc@redhat.com>
=20
 	PR 30595
diff --git a/binutils/strings.c b/binutils/strings.c
index f7214fc1228..eb4ec9e270c 100644
--- a/binutils/strings.c
+++ b/binutils/strings.c
@@ -171,13 +171,37 @@ static void usage (FILE *, int) ATTRIBUTE_NORETURN;
 =0C
 int main (int, char **);
=20
+static void
+set_string_min (const char * arg)
+{
+  char *s;
+  unsigned long l =3D strtoul (arg, &s, 0);
+
+  if (s !=3D NULL && *s !=3D 0)
+    fatal (_("invalid integer argument %s"), arg);
+
+  string_min =3D (unsigned int) l;
+
+  if (l !=3D (unsigned long) string_min)
+    fatal (_("minimum string length is too big: %s"), arg);
+   =20
+  if (string_min < 1)
+    fatal (_("minimum string length is too small: %s"), arg);
+
+  /* PR 30595: Look for minimum string lengths that overflow an 'int'.  */
+  if (string_min + 1 =3D=3D 0)
+    fatal (_("minimum string length %s is too big"), arg);
+
+  /* FIXME: Should we warn for unreasonably large minimum
+     string lengths, even if technically they will work ?  */
+}
+
 int
 main (int argc, char **argv)
 {
   int optc;
   int exit_status =3D 0;
   bool files_given =3D false;
-  char *s;
   int numeric_opt =3D 0;
=20
   setlocale (LC_ALL, "");
@@ -224,9 +248,7 @@ main (int argc, char **argv)
 	  usage (stdout, 0);
=20
 	case 'n':
-	  string_min =3D (int) strtoul (optarg, &s, 0);
-	  if (s !=3D NULL && *s !=3D 0)
-	    fatal (_("invalid integer argument %s"), optarg);
+	  set_string_min (optarg);
 	  break;
=20
 	case 'w':
@@ -310,19 +332,7 @@ main (int argc, char **argv)
     encoding =3D 'S';
=20
   if (numeric_opt !=3D 0)
-    {
-      string_min =3D (int) strtoul (argv[numeric_opt - 1] + 1, &s, 0);
-      if (s !=3D NULL && *s !=3D 0)
-	fatal (_("invalid integer argument %s"), argv[numeric_opt - 1] + 1);
-    }
-
-  if (string_min < 1)
-    fatal (_("invalid minimum string length %d"), string_min);
-  /* PR 30595: Look for excessive minimum string lengths.
-     The "(4 * string_min) + 1" is because this is the value
-     used to allocate space in print_unicode_stream().  */
-  else if (string_min =3D=3D -1U || ((4 * string_min) + 1) =3D=3D 0)
-    fatal (_("minimum string length %#x is too big"), string_min);
+    set_string_min (argv[numeric_opt - 1] + 1);
=20
   switch (encoding)
     {
@@ -1220,7 +1230,9 @@ print_unicode_stream (const char * filename,
     }
=20
   /* Allocate space for string_min 4-byte utf-8 characters.  */
-  unsigned char * print_buf =3D xmalloc ((4 * string_min) + 1);
+  size_t amt =3D string_min;
+  amt =3D (4 * amt) + 1;
+  unsigned char * print_buf =3D xmalloc (amt);
   /* We should never have to put back more than 4 bytes.  */
   unsigned char putback_buf[5];
   unsigned int num_putback =3D 0;