scc

simple c99 compiler
git clone git://git.simple-cc.org/scc

commit 8eac854cc7c847897fdab85d0173178dbcf1ab2e
parent 1a8211822166322c8609ee15179aaf13d028d4e6
Author: Roberto E. Vargas Caballero <k0ga@shike2.com>
Date:   Thu, 11 Nov 2021 15:18:21 +0100

cc2: Check for overflow in array()

The input of cc2 is considered trusted, but it does not
hurt to check it again.

Diffstat:
Msrc/cmd/cc/cc2/cc2.h | 1+
Msrc/cmd/cc/cc2/parser.c | 7++++++-
2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/cmd/cc/cc2/cc2.h b/src/cmd/cc/cc2/cc2.h
@@ -139,6 +139,7 @@ enum nerrors {
 EWTACKU, /* switch stack underflow */
 ENOSWTC, /* Out of switch statement */
 EBBUILT, /* Unknown builtin */
+ EOVERFL, /* Numerical overflow */
 ENUMERR
 };
diff --git a/src/cmd/cc/cc2/parser.c b/src/cmd/cc/cc2/parser.c
@@ -1,4 +1,5 @@
 #include <errno.h>
+#include <limits.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -572,7 +573,11 @@ array(void)
 base = pop();
 tp = pop();
 tp->flags = ARRF;
- tp->size = size->u.i * base->size; /* FIXME check for overflow */
+
+ if (size->u.i > LONG_MAX/base->size)
+ error(EOVERFL);
+
+ tp->size = size->u.i * base->size;
 tp->align = base->align;
 delnode(size);
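Review bot: The new guard in array() divides by `base->size` before anything visible has established that it is non-zero, so a zero-sized base type in the input would turn the overflow check itself into a division by zero. A negative `size->u.i` also passes the comparison and still reaches the multiplication, assuming `u.i` is signed. Since the commit re-validates cc2's input, the condition could reject both cases, e.g. `if (size->u.i < 0 || (base->size != 0 && size->u.i > LONG_MAX/base->size))`. The declarations of `u.i` and `size` are not in the hunk, so whether `LONG_MAX` is the right bound for `tp->size` should be confirmed against cc2.h. The body of array() starts and ends outside the hunk.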