commit:     335e3c30ebd98959a53c22b12b17f907d7def48c
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Thu Nov 26 08:41:47 2015 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Thu Nov 26 08:41:47 2015 +0000
URL:        https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=335e3c30

xarray: move ele update to after bounds check

Even though we don't use the loaded ele value until after we check
the bounds of the counter, it makes ASAN unhappy, and might cause
a load of invalid memory.

URL: https://bugs.gentoo.org/553368
Reported-by: Hanno Boeck <hanno <AT> gentoo.org>

 xfuncs.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/xfuncs.h b/xfuncs.h
index 82f5da0..61577ec 100644
--- a/xfuncs.h
+++ b/xfuncs.h
@@ -27,10 +27,14 @@ void xarraypush(array_t *array, const void *ele, size_t 
ele_len);
 #define xarraypush_str(arr, ele) xarraypush(arr, ele, strlen(ele) + 1 /*NUL*/)
 void xarrayfree(array_t *array);
 #define xrealloc_array(ptr, size, ele_size) xrealloc(ptr, (size) * (ele_size))
+/* The assignment after the check is unfortunate as we do a non-NULL check (we
+ * already do not permit pushing of NULL pointers), but we can't put it in the
+ * increment phase as that will cause a load beyond the bounds of valid memory.
+ */
 #define array_for_each(arr, n, ele) \
        for (n = 0, ele = array_cnt(arr) ? arr->eles[n] : NULL; \
-            n < array_cnt(arr); \
-            ele = arr->eles[++n])
+            n < array_cnt(arr) && (ele = arr->eles[n]); \
+            ++n)
 #define array_init_decl { .eles = NULL, .num = 0, }
 #define array_cnt(arr) (arr)->num
 char *array_flatten_str(array_t *array);
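Review bot: The initializer on the first `for` line still performs its own guarded load of `arr->eles[0]`, which the new condition now repeats on the very first iteration, so the loop does two reads of element 0 and two code paths that must stay in sync; it can be collapsed to `for (n = 0; n < array_cnt(arr) && (ele = (arr)->eles[n]); ++n)`, which also parenthesizes `arr` the way `array_cnt` already does on the line below. The new condition also changes one behavior the added comment only alludes to: a NULL entry now terminates the loop early with `ele == NULL` rather than being visited, so I would make the comment explicit with `/* NOTE: a NULL element ends iteration early; xarraypush rejects NULL so this should not occur. */`. The `n < array_cnt(arr)` comparison is evaluated before the indexed load on every iteration, so the out-of-bounds read reported in the message is addressed as far as this hunk shows.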
