aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMax Kellermann <max@duempel.org>2008-03-26 10:38:07 +0000
committerEric Wong <normalperson@yhbt.net>2008-03-26 10:38:07 +0000
commit27f12c173d57d09d095d0e5ecfeb18acf5d2434a (patch)
treea1016cf4f069f0ab804f3023c87eb494c45dfed2
parent0692f6cd0ab12e921d1897de215fb42d6dc79a7c (diff)
downloadmpd-27f12c173d57d09d095d0e5ecfeb18acf5d2434a.tar.gz
mpd-27f12c173d57d09d095d0e5ecfeb18acf5d2434a.tar.xz
mpd-27f12c173d57d09d095d0e5ecfeb18acf5d2434a.zip
use size_t
When dealing with in-memory lengths, the standard type "size_t" should be used. Missing one can be quite dangerous, because an attacker could provoke an integer under-/overflow, which may provide an attack vector. git-svn-id: https://svn.musicpd.org/mpd/trunk@7205 09075e82-0dd4-0310-85a5-a0d7c8717e4f
-rw-r--r--src/inputStream_http.c37
-rw-r--r--src/interface.c48
-rw-r--r--src/interface.h2
-rw-r--r--src/ls.c10
-rw-r--r--src/myfprintf.c2
-rw-r--r--src/outputBuffer.c4
-rw-r--r--src/outputBuffer.h2
-rw-r--r--src/pcm_utils.c2
-rw-r--r--src/tag.c8
9 files changed, 57 insertions, 58 deletions
diff --git a/src/inputStream_http.c b/src/inputStream_http.c
index c5dccf9dd..9e9bbc921 100644
--- a/src/inputStream_http.c
+++ b/src/inputStream_http.c
@@ -40,8 +40,8 @@ static char *proxyHost;
static char *proxyPort;
static char *proxyUser;
static char *proxyPassword;
-static int bufferSize = HTTP_BUFFER_SIZE_DEFAULT;
-static int prebufferSize = HTTP_PREBUFFER_SIZE_DEFAULT;
+static size_t bufferSize = HTTP_BUFFER_SIZE_DEFAULT;
+static size_t prebufferSize = HTTP_PREBUFFER_SIZE_DEFAULT;
typedef struct _InputStreemHTTPData {
char *host;
@@ -52,9 +52,9 @@ typedef struct _InputStreemHTTPData {
char *buffer;
size_t buflen;
int timesRedirected;
- int icyMetaint;
+ size_t icyMetaint;
int prebuffer;
- int icyOffset;
+ size_t icyOffset;
char *proxyAuth;
char *httpAuth;
/* Number of times mpd tried to get data */
@@ -113,9 +113,9 @@ void inputStream_initHttp(void)
param = getConfigParam(CONF_HTTP_BUFFER_SIZE);
if (param) {
- bufferSize = strtol(param->value, &test, 10);
+ bufferSize = strtoul(param->value, &test, 10);
- if (bufferSize <= 0 || *test != '\0') {
+ if (*test != '\0') {
FATAL("\"%s\" specified for %s at line %i is not a "
"positive integer\n",
param->value, CONF_HTTP_BUFFER_SIZE, param->line);
@@ -130,7 +130,7 @@ void inputStream_initHttp(void)
param = getConfigParam(CONF_HTTP_PREBUFFER_SIZE);
if (param) {
- prebufferSize = strtol(param->value, &test, 10);
+ prebufferSize = strtoul(param->value, &test, 10);
if (prebufferSize <= 0 || *test != '\0') {
FATAL("\"%s\" specified for %s at line %i is not a "
@@ -430,7 +430,8 @@ static int finishHTTPInit(InputStream * inStream)
int error;
socklen_t error_len = sizeof(int);
int ret;
- int length;
+ size_t length;
+ ssize_t nbytes;
char request[2048];
tv.tv_sec = 0;
@@ -456,7 +457,7 @@ static int finishHTTPInit(InputStream * inStream)
goto close_err;
/* deal with ICY metadata later, for now its fucking up stuff! */
- length = snprintf(request, sizeof(request),
+ length = (size_t)snprintf(request, sizeof(request),
"GET %s HTTP/1.1\r\n"
"Host: %s\r\n"
"Connection: close\r\n"
@@ -473,8 +474,8 @@ static int finishHTTPInit(InputStream * inStream)
if (length >= sizeof(request))
goto close_err;
- ret = write(data->sock, request, length);
- if (ret != length)
+ nbytes = write(data->sock, request, length);
+ if (nbytes < 0 || (size_t)nbytes != length)
goto close_err;
data->connState = HTTP_CONN_STATE_HELLO;
@@ -607,7 +608,7 @@ static int getHTTPHello(InputStream * inStream)
if (!inStream->size)
inStream->size = atol(cur + 18);
} else if (0 == strncasecmp(cur, "\r\nicy-metaint:", 14)) {
- data->icyMetaint = atoi(cur + 14);
+ data->icyMetaint = strtoul(cur + 14, NULL, 0);
} else if (0 == strncasecmp(cur, "\r\nicy-name:", 11) ||
0 == strncasecmp(cur, "\r\nice-name:", 11)) {
int incr = 11;
@@ -753,9 +754,9 @@ size_t inputStream_httpRead(InputStream * inStream, void *ptr, size_t size,
size_t nmemb)
{
InputStreamHTTPData *data = (InputStreamHTTPData *) inStream->data;
- long tosend = 0;
- long inlen = size * nmemb;
- long maxToSend = data->buflen;
+ size_t tosend = 0;
+ size_t inlen = size * nmemb;
+ size_t maxToSend = data->buflen;
inputStream_httpBuffer(inStream);
@@ -774,10 +775,8 @@ size_t inputStream_httpRead(InputStream * inStream, void *ptr, size_t size,
if (data->icyMetaint > 0) {
if (data->icyOffset >= data->icyMetaint) {
- int metalen = *(data->buffer);
+ size_t metalen = *(data->buffer);
metalen <<= 4;
- if (metalen < 0)
- metalen = 0;
if (metalen + 1 > data->buflen) {
/* damn that's some fucking big metadata! */
if (bufferSize < metalen + 1) {
@@ -879,7 +878,7 @@ int inputStream_httpBuffer(InputStream * inStream)
if (data->connState == HTTP_CONN_STATE_OPEN &&
data->buflen < bufferSize - 1) {
readed = read(data->sock, data->buffer + data->buflen,
- (size_t) (bufferSize - 1 - data->buflen));
+ bufferSize - 1 - data->buflen);
/* If the connection is currently unavailable, or interrupted (EINTR)
* Don't give an error, so it's retried later.
* Max times in a row to re-try this is HTTP_MAX_TRIES
diff --git a/src/interface.c b/src/interface.c
index 9a79f102e..029025cbf 100644
--- a/src/interface.c
+++ b/src/interface.c
@@ -59,26 +59,26 @@ static struct strnode *list_cache_tail;
typedef struct _Interface {
char buffer[INTERFACE_MAX_BUFFER_LENGTH];
- int bufferLength;
- int bufferPos;
+ size_t bufferLength;
+ size_t bufferPos;
int fd; /* file descriptor */
int permission;
time_t lastTime;
struct strnode *cmd_list; /* for when in list mode */
struct strnode *cmd_list_tail; /* for when in list mode */
int cmd_list_OK; /* print OK after each command execution */
- int cmd_list_size; /* mem cmd_list consumes */
+ size_t cmd_list_size; /* mem cmd_list consumes */
int cmd_list_dup; /* has the cmd_list been copied to private space? */
struct sllnode *deferred_send; /* for output if client is slow */
- int deferred_bytes; /* mem deferred_send consumes */
+ size_t deferred_bytes; /* mem deferred_send consumes */
int expired; /* set whether this interface should be closed on next
check of old interfaces */
int num; /* interface number */
char *send_buf;
- int send_buf_used; /* bytes used this instance */
- int send_buf_size; /* bytes usable this instance */
- int send_buf_alloc; /* bytes actually allocated */
+ size_t send_buf_used; /* bytes used this instance */
+ size_t send_buf_size; /* bytes usable this instance */
+ size_t send_buf_alloc; /* bytes actually allocated */
} Interface;
static Interface *interfaces;
@@ -88,7 +88,7 @@ static void flushInterfaceBuffer(Interface * interface);
static void printInterfaceOutBuffer(Interface * interface);
#ifdef SO_SNDBUF
-static int get_default_snd_buf_size(Interface * interface)
+static size_t get_default_snd_buf_size(Interface * interface)
{
int new_size;
socklen_t sockOptLen = sizeof(int);
@@ -99,12 +99,12 @@ static int get_default_snd_buf_size(Interface * interface)
return INTERFACE_DEFAULT_OUT_BUFFER_SIZE;
}
if (new_size > 0)
- return new_size;
+ return (size_t)new_size;
DEBUG("sockets send buffer size is not positive\n");
return INTERFACE_DEFAULT_OUT_BUFFER_SIZE;
}
#else /* !SO_SNDBUF */
-static int get_default_snd_buf_size(Interface * interface)
+static size_t get_default_snd_buf_size(Interface * interface)
{
return INTERFACE_DEFAULT_OUT_BUFFER_SIZE;
}
@@ -112,7 +112,7 @@ static int get_default_snd_buf_size(Interface * interface)
static void set_send_buf_size(Interface * interface)
{
- int new_size = get_default_snd_buf_size(interface);
+ size_t new_size = get_default_snd_buf_size(interface);
if (interface->send_buf_size != new_size) {
interface->send_buf_size = new_size;
/* don't resize to get smaller, only bigger */
@@ -313,12 +313,12 @@ static int processLineOfInput(Interface * interface)
if (interface->cmd_list_size >
interface_max_command_list_size) {
ERROR("interface %i: command "
- "list size (%i) is "
+ "list size (%lu) is "
"larger than the max "
- "(%li)\n",
+ "(%lu)\n",
interface->num,
- interface->cmd_list_size,
- (long)interface_max_command_list_size);
+ (unsigned long)interface->cmd_list_size,
+ (unsigned long)interface_max_command_list_size);
closeInterface(interface);
ret = COMMAND_RETURN_CLOSE;
} else
@@ -642,14 +642,14 @@ void closeOldInterfaces(void)
static void flushInterfaceBuffer(Interface * interface)
{
struct sllnode *buf;
- int ret = 0;
+ ssize_t ret = 0;
buf = interface->deferred_send;
while (buf) {
ret = write(interface->fd, buf->data, buf->size);
if (ret < 0)
break;
- else if (ret < buf->size) {
+ else if ((size_t)ret < buf->size) {
interface->deferred_bytes -= ret;
buf->data = (char *)buf->data + ret;
buf->size -= ret;
@@ -665,8 +665,8 @@ static void flushInterfaceBuffer(Interface * interface)
}
if (!interface->deferred_send) {
- DEBUG("interface %i: buffer empty %i\n", interface->num,
- interface->deferred_bytes);
+ DEBUG("interface %i: buffer empty %lu\n", interface->num,
+ (unsigned long)interface->deferred_bytes);
assert(interface->deferred_bytes == 0);
} else if (ret < 0 && errno != EAGAIN && errno != EINTR) {
/* cause interface to close */
@@ -684,10 +684,10 @@ static void flushInterfaceBuffer(Interface * interface)
}
}
-int interfacePrintWithFD(int fd, char *buffer, int buflen)
+int interfacePrintWithFD(int fd, char *buffer, size_t buflen)
{
static int i;
- int copylen;
+ size_t copylen;
Interface *interface;
assert(fd >= 0);
@@ -709,7 +709,7 @@ int interfacePrintWithFD(int fd, char *buffer, int buflen)
interface = interfaces + i;
while (buflen > 0 && !interface->expired) {
- int left = interface->send_buf_size - interface->send_buf_used;
+ size_t left = interface->send_buf_size - interface->send_buf_used;
copylen = buflen > left ? left : buflen;
memcpy(interface->send_buf + interface->send_buf_used, buffer,
copylen);
@@ -725,7 +725,7 @@ int interfacePrintWithFD(int fd, char *buffer, int buflen)
static void printInterfaceOutBuffer(Interface * interface)
{
- int ret;
+ ssize_t ret;
struct sllnode *buf;
if (interface->fd < 0 || interface->expired ||
@@ -770,7 +770,7 @@ static void printInterfaceOutBuffer(Interface * interface)
interface->expired = 1;
return;
}
- } else if (ret < interface->send_buf_used) {
+ } else if ((size_t)ret < interface->send_buf_used) {
interface->deferred_send =
new_sllnode(interface->send_buf + ret,
interface->send_buf_used - ret);
diff --git a/src/interface.h b/src/interface.h
index 70ba424dc..389e47136 100644
--- a/src/interface.h
+++ b/src/interface.h
@@ -26,7 +26,7 @@ void initInterfaces(void);
void openAInterface(int fd, struct sockaddr *addr);
void freeAllInterfaces(void);
void closeOldInterfaces(void);
-int interfacePrintWithFD(int fd, char *buffer, int len);
+int interfacePrintWithFD(int fd, char *buffer, size_t len);
int doIOForInterfaces(void);
diff --git a/src/ls.c b/src/ls.c
index 53e4c330d..3032935c6 100644
--- a/src/ls.c
+++ b/src/ls.c
@@ -112,10 +112,10 @@ int lsPlaylists(int fd, const char *utf8path)
char *actualPath = rpp2app_r(path_max_tmp,
utf8_to_fs_charset(path_max_tmp,
utf8path));
- int actlen = strlen(actualPath) + 1;
- int maxlen = MPD_PATH_MAX - actlen;
- int suflen = strlen(PLAYLIST_FILE_SUFFIX) + 1;
- int suff;
+ size_t actlen = strlen(actualPath) + 1;
+ size_t maxlen = MPD_PATH_MAX - actlen;
+ size_t suflen = strlen(PLAYLIST_FILE_SUFFIX) + 1;
+ ssize_t suff;
if (actlen > MPD_PATH_MAX - 1 || (dir = opendir(actualPath)) == NULL) {
return 0;
@@ -131,7 +131,7 @@ int lsPlaylists(int fd, const char *utf8path)
duplicated = ent->d_name;
if (mpd_likely(len <= maxlen) &&
duplicated[0] != '.' &&
- (suff = strlen(duplicated) - suflen) > 0 &&
+ (suff = (ssize_t)(strlen(duplicated) - suflen)) > 0 &&
duplicated[suff] == '.' &&
strcmp(duplicated + suff + 1, PLAYLIST_FILE_SUFFIX) == 0) {
memcpy(s + actlen, ent->d_name, len);
diff --git a/src/myfprintf.c b/src/myfprintf.c
index fdea2b78f..2f8ea7723 100644
--- a/src/myfprintf.c
+++ b/src/myfprintf.c
@@ -30,7 +30,7 @@ static void blockingWrite(const int fd, const char *string, size_t len)
{
while (len) {
ssize_t ret = xwrite(fd, string, len);
- if (ret == len)
+ if (ret == (ssize_t)len)
return;
if (ret >= 0) {
len -= ret;
diff --git a/src/outputBuffer.c b/src/outputBuffer.c
index 04770b478..25325ecb7 100644
--- a/src/outputBuffer.c
+++ b/src/outputBuffer.c
@@ -66,7 +66,7 @@ void flushOutputBuffer(OutputBuffer * cb)
int sendDataToOutputBuffer(OutputBuffer * cb, InputStream * inStream,
DecoderControl * dc, int seekable, void *dataIn,
- long dataInLen, float data_time, mpd_uint16 bitRate,
+ size_t dataInLen, float data_time, mpd_uint16 bitRate,
ReplayGainInfo * replayGainInfo)
{
mpd_uint16 dataToSend;
@@ -74,7 +74,7 @@ int sendDataToOutputBuffer(OutputBuffer * cb, InputStream * inStream,
char *data;
size_t datalen;
static char *convBuffer;
- static long convBufferLen;
+ static size_t convBufferLen;
if (cmpAudioFormat(&(cb->audioFormat), &(dc->audioFormat)) == 0) {
data = dataIn;
diff --git a/src/outputBuffer.h b/src/outputBuffer.h
index f690941d4..150748328 100644
--- a/src/outputBuffer.h
+++ b/src/outputBuffer.h
@@ -58,7 +58,7 @@ int sendDataToOutputBuffer(OutputBuffer * cb,
DecoderControl * dc,
int seekable,
void *data,
- long datalen,
+ size_t datalen,
float time,
mpd_uint16 bitRate, ReplayGainInfo * replayGainInfo);
diff --git a/src/pcm_utils.c b/src/pcm_utils.c
index d11d4d42f..be32729f0 100644
--- a/src/pcm_utils.c
+++ b/src/pcm_utils.c
@@ -359,7 +359,7 @@ static char *pcm_convertTo16bit(mpd_sint8 bits, char *inBuffer, size_t inSize,
char *outBuffer = NULL;
mpd_sint8 *in;
mpd_sint16 *out;
- int i;
+ size_t i;
switch (bits) {
case 8:
diff --git a/src/tag.c b/src/tag.c
index b3645e007..eb971ecdc 100644
--- a/src/tag.c
+++ b/src/tag.c
@@ -466,8 +466,8 @@ MpdTag *apeDup(char *file)
int tagCount;
char *buffer = NULL;
char *p;
- int tagLen;
- int size;
+ size_t tagLen;
+ size_t size;
unsigned long flags;
int i;
char *key;
@@ -508,7 +508,7 @@ MpdTag *apeDup(char *file)
/* determine if file has an apeV2 tag */
if (fseek(fp, 0, SEEK_END))
goto fail;
- size = ftell(fp);
+ size = (size_t)ftell(fp);
if (fseek(fp, size - sizeof(footer), SEEK_SET))
goto fail;
if (fread(&footer, 1, sizeof(footer), fp) != sizeof(footer))
@@ -554,7 +554,7 @@ MpdTag *apeDup(char *file)
tagLen--;
/* get the value */
- if (tagLen - size < 0)
+ if (tagLen < size)
goto fail;
/* we only care about utf-8 text tags */