Author: mturk
Date: Thu Jul 30 06:36:02 2009
New Revision: 799183
URL: http://svn.apache.org/viewvc?rev=799183&view=rev
Log:
Extend params checking
Modified:
commons/sandbox/runtime/trunk/src/main/native/include/acr.h
commons/sandbox/runtime/trunk/src/main/native/shared/db.c
commons/sandbox/runtime/trunk/src/main/native/shared/memory.c
commons/sandbox/runtime/trunk/src/main/native/shared/nbb.c
commons/sandbox/runtime/trunk/src/main/native/shared/xdr.c
Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr.h
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr.h?rev=799183&r1=799182&r2=799183&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr.h Thu Jul 30
06:36:02 2009
@@ -247,6 +247,8 @@
#define ACR_SL_ALIGN(T, X) T X; long __align_##X
#endif
+#define ACR_SIZE_T_MAX ((acr_size_t)~0 - 8192)
+
/**
* ACR_DECLARE_EXPORT is defined when building the ANNEX dynamic library,
* so that all public symbols are exported.
Modified: commons/sandbox/runtime/trunk/src/main/native/shared/db.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/db.c?rev=799183&r1=799182&r2=799183&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/db.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/db.c Thu Jul 30
06:36:02 2009
@@ -114,7 +114,7 @@
void *mem;
acr_size_t siz = (acr_size_t)ACR_ALIGN_DEFAULT(len);
- if (len < 1) {
+ if (len < 1 || len > ACR_SIZE_T_MAX) {
ACR_SET_OS_ERROR(ACR_EISNULL);
return NULL;
}
Modified: commons/sandbox/runtime/trunk/src/main/native/shared/memory.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/memory.c?rev=799183&r1=799182&r2=799183&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/memory.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/memory.c Thu Jul 30
06:36:02 2009
@@ -113,8 +113,17 @@
size = 1024;
#endif
}
- else
+ else {
+ if (size > ACR_SIZE_T_MAX) {
+ /* We should fall lot before that.
+ */
+ if (!IS_INVALID_HANDLE(_E))
+ ACR_ThrowException(_E, file, line, ACR_EX_EINVAL,
+ ACR_EINVAL);
+ return NULL;
+ }
size = ACR_ALIGN_DEFAULT(sbhs + size);
+ }
if (!(base = ACR_Calloc(_E, file, line, size)))
return NULL;
sbh = (acr_sbh_t *)base;
@@ -173,6 +182,14 @@
ACR_EISNULL);
return NULL;
}
+ if (size > ACR_SIZE_T_MAX) {
+ /* We should fail lot before that.
+ */
+ if (!IS_INVALID_HANDLE(_E))
+ ACR_ThrowException(_E, file, line, ACR_EX_EINVAL,
+ ACR_EINVAL);
+ return NULL;
+ }
size = ACR_ALIGN_DEFAULT(size);
if ((sbh->size - sbh->ppos) >= size) {
@@ -262,7 +279,7 @@
acr_size_t ass = (acr_size_t)ACR_ALIGN_DEFAULT(siz);
UNREFERENCED_O;
- if (siz < 1L) {
+ if (siz < 1L || siz > ACR_SIZE_T_MAX) {
ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EINVAL, 0);
return NULL;
}
@@ -284,7 +301,7 @@
acr_size_t ass = (acr_size_t)ACR_ALIGN_DEFAULT(siz);
UNREFERENCED_O;
- if (siz < 1L) {
+ if (siz < 1L || siz > ACR_SIZE_T_MAX) {
ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EINVAL, 0);
return NULL;
}
@@ -303,19 +320,24 @@
jobject src,
jlong siz)
{
- acr_pointer_cleanup_fn_t *cb;
+ acr_pointer_cleanup_fn_t *cb;
void *np;
size_t ss = (size_t)siz;
void *op = ACR_PointerGet(_E, src, NULL);
UNREFERENCED_O;
- cb = ACR_PointerCallbackGet(_E, src);
- if (cb != memory_pointer_cleanup) {
- /* Trying to realloc on something we didn't alloc first.
- */
+
+ if (siz < 1L || siz > ACR_SIZE_T_MAX) {
+ ACR_ThrowException(_E, THROW_NMARK, ACR_EX_EINVAL, 0);
+ return;
+ }
+ cb = ACR_PointerCallbackGet(_E, src);
+ if (cb != memory_pointer_cleanup) {
+ /* Trying to realloc on something we didn't alloc first.
+ */
ACR_ThrowException(_E, THROW_NMARK, ACR_EX_ERUNTIME, ACR_EFAULT);
- return;
- }
+ return;
+ }
np = ACR_Realloc(_E, THROW_NMARK, op, ss);
if (!np) {
return;
Modified: commons/sandbox/runtime/trunk/src/main/native/shared/nbb.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/nbb.c?rev=799183&r1=799182&r2=799183&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/nbb.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/nbb.c Thu Jul 30
06:36:02 2009
@@ -38,7 +38,7 @@
UNREFERENCED_O;
- if (size < 1) {
+ if (size < 1L || size > ACR_SIZE_T_MAX) {
ACR_ThrowException(_E, THROW_FMARK, ACR_EX_EINVAL,
ACR_EINVALSIZ);
return NULL;
@@ -64,7 +64,7 @@
UNREFERENCED_O;
- if (size < 1) {
+ if (size < 1L || size > ACR_SIZE_T_MAX) {
ACR_ThrowException(_E, THROW_FMARK, ACR_EX_EINVAL,
ACR_EINVALSIZ);
return NULL;
Modified: commons/sandbox/runtime/trunk/src/main/native/shared/xdr.c
URL:
http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/xdr.c?rev=799183&r1=799182&r2=799183&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/xdr.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/xdr.c Thu Jul 30
06:36:02 2009
@@ -44,6 +44,8 @@
{
size_t size = ACR_ALIGN_DEFAULT(sizeof(acr_xdr_t)) + len;
+ if (len > ACR_SIZE_T_MAX)
+ return ACR_EINVAL;
*xdr = (acr_xdr_t *)malloc(size);
if (*xdr == NULL)
return ACR_GET_OS_ERROR();
@@ -61,7 +63,7 @@
}
ACR_DECLARE(int) ACR_XdrInitEx(acr_xdr_t **xdr, acr_byte_t *buf, size_t len,
- int nbo)
+ int nbo)
{
*xdr = (acr_xdr_t *)buf;
