From 27f12c173d57d09d095d0e5ecfeb18acf5d2434a Mon Sep 17 00:00:00 2001 From: Max Kellermann Date: Wed, 26 Mar 2008 10:38:07 +0000 Subject: use size_t When dealing with in-memory lengths, the standard type "size_t" should be used. Missing one can be quite dangerous, because an attacker could provoke an integer under-/overflow, which may provide an attack vector. git-svn-id: https://svn.musicpd.org/mpd/trunk@7205 09075e82-0dd4-0310-85a5-a0d7c8717e4f --- src/inputStream_http.c | 37 ++++++++++++++++++------------------- src/interface.c | 48 ++++++++++++++++++++++++------------------------ src/interface.h | 2 +- src/ls.c | 10 +++++----- src/myfprintf.c | 2 +- src/outputBuffer.c | 4 ++-- src/outputBuffer.h | 2 +- src/pcm_utils.c | 2 +- src/tag.c | 8 ++++---- 9 files changed, 57 insertions(+), 58 deletions(-) (limited to 'src') diff --git a/src/inputStream_http.c b/src/inputStream_http.c index c5dccf9dd..9e9bbc921 100644 --- a/src/inputStream_http.c +++ b/src/inputStream_http.c @@ -40,8 +40,8 @@ static char *proxyHost; static char *proxyPort; static char *proxyUser; static char *proxyPassword; -static int bufferSize = HTTP_BUFFER_SIZE_DEFAULT; -static int prebufferSize = HTTP_PREBUFFER_SIZE_DEFAULT; +static size_t bufferSize = HTTP_BUFFER_SIZE_DEFAULT; +static size_t prebufferSize = HTTP_PREBUFFER_SIZE_DEFAULT; typedef struct _InputStreemHTTPData { char *host; @@ -52,9 +52,9 @@ typedef struct _InputStreemHTTPData { char *buffer; size_t buflen; int timesRedirected; - int icyMetaint; + size_t icyMetaint; int prebuffer; - int icyOffset; + size_t icyOffset; char *proxyAuth; char *httpAuth; /* Number of times mpd tried to get data */ @@ -113,9 +113,9 @@ void inputStream_initHttp(void) param = getConfigParam(CONF_HTTP_BUFFER_SIZE); if (param) { - bufferSize = strtol(param->value, &test, 10); + bufferSize = strtoul(param->value, &test, 10); - if (bufferSize <= 0 || *test != '\0') { + if (*test != '\0') { FATAL("\"%s\" specified for %s at line %i is not a " "positive integer\n", param->value, CONF_HTTP_BUFFER_SIZE, param->line); @@ -130,7 +130,7 @@ void inputStream_initHttp(void) param = getConfigParam(CONF_HTTP_PREBUFFER_SIZE); if (param) { - prebufferSize = strtol(param->value, &test, 10); + prebufferSize = strtoul(param->value, &test, 10); if (prebufferSize <= 0 || *test != '\0') { FATAL("\"%s\" specified for %s at line %i is not a " @@ -430,7 +430,8 @@ static int finishHTTPInit(InputStream * inStream) int error; socklen_t error_len = sizeof(int); int ret; - int length; + size_t length; + ssize_t nbytes; char request[2048]; tv.tv_sec = 0; @@ -456,7 +457,7 @@ static int finishHTTPInit(InputStream * inStream) goto close_err; /* deal with ICY metadata later, for now its fucking up stuff! */ - length = snprintf(request, sizeof(request), + length = (size_t)snprintf(request, sizeof(request), "GET %s HTTP/1.1\r\n" "Host: %s\r\n" "Connection: close\r\n" @@ -473,8 +474,8 @@ static int finishHTTPInit(InputStream * inStream) if (length >= sizeof(request)) goto close_err; - ret = write(data->sock, request, length); - if (ret != length) + nbytes = write(data->sock, request, length); + if (nbytes < 0 || (size_t)nbytes != length) goto close_err; data->connState = HTTP_CONN_STATE_HELLO; @@ -607,7 +608,7 @@ static int getHTTPHello(InputStream * inStream) if (!inStream->size) inStream->size = atol(cur + 18); } else if (0 == strncasecmp(cur, "\r\nicy-metaint:", 14)) { - data->icyMetaint = atoi(cur + 14); + data->icyMetaint = strtoul(cur + 14, NULL, 0); } else if (0 == strncasecmp(cur, "\r\nicy-name:", 11) || 0 == strncasecmp(cur, "\r\nice-name:", 11)) { int incr = 11; @@ -753,9 +754,9 @@ size_t inputStream_httpRead(InputStream * inStream, void *ptr, size_t size, size_t nmemb) { InputStreamHTTPData *data = (InputStreamHTTPData *) inStream->data; - long tosend = 0; - long inlen = size * nmemb; - long maxToSend = data->buflen; + size_t tosend = 0; + size_t inlen = size * nmemb; + size_t maxToSend = data->buflen; inputStream_httpBuffer(inStream); @@ -774,10 +775,8 @@ size_t inputStream_httpRead(InputStream * inStream, void *ptr, size_t size, if (data->icyMetaint > 0) { if (data->icyOffset >= data->icyMetaint) { - int metalen = *(data->buffer); + size_t metalen = *(data->buffer); metalen <<= 4; - if (metalen < 0) - metalen = 0; if (metalen + 1 > data->buflen) { /* damn that's some fucking big metadata! */ if (bufferSize < metalen + 1) { @@ -879,7 +878,7 @@ int inputStream_httpBuffer(InputStream * inStream) if (data->connState == HTTP_CONN_STATE_OPEN && data->buflen < bufferSize - 1) { readed = read(data->sock, data->buffer + data->buflen, - (size_t) (bufferSize - 1 - data->buflen)); + bufferSize - 1 - data->buflen); /* If the connection is currently unavailable, or interrupted (EINTR) * Don't give an error, so it's retried later. * Max times in a row to re-try this is HTTP_MAX_TRIES diff --git a/src/interface.c b/src/interface.c index 9a79f102e..029025cbf 100644 --- a/src/interface.c +++ b/src/interface.c @@ -59,26 +59,26 @@ static struct strnode *list_cache_tail; typedef struct _Interface { char buffer[INTERFACE_MAX_BUFFER_LENGTH]; - int bufferLength; - int bufferPos; + size_t bufferLength; + size_t bufferPos; int fd; /* file descriptor */ int permission; time_t lastTime; struct strnode *cmd_list; /* for when in list mode */ struct strnode *cmd_list_tail; /* for when in list mode */ int cmd_list_OK; /* print OK after each command execution */ - int cmd_list_size; /* mem cmd_list consumes */ + size_t cmd_list_size; /* mem cmd_list consumes */ int cmd_list_dup; /* has the cmd_list been copied to private space? */ struct sllnode *deferred_send; /* for output if client is slow */ - int deferred_bytes; /* mem deferred_send consumes */ + size_t deferred_bytes; /* mem deferred_send consumes */ int expired; /* set whether this interface should be closed on next check of old interfaces */ int num; /* interface number */ char *send_buf; - int send_buf_used; /* bytes used this instance */ - int send_buf_size; /* bytes usable this instance */ - int send_buf_alloc; /* bytes actually allocated */ + size_t send_buf_used; /* bytes used this instance */ + size_t send_buf_size; /* bytes usable this instance */ + size_t send_buf_alloc; /* bytes actually allocated */ } Interface; static Interface *interfaces; @@ -88,7 +88,7 @@ static void flushInterfaceBuffer(Interface * interface); static void printInterfaceOutBuffer(Interface * interface); #ifdef SO_SNDBUF -static int get_default_snd_buf_size(Interface * interface) +static size_t get_default_snd_buf_size(Interface * interface) { int new_size; socklen_t sockOptLen = sizeof(int); @@ -99,12 +99,12 @@ static int get_default_snd_buf_size(Interface * interface) return INTERFACE_DEFAULT_OUT_BUFFER_SIZE; } if (new_size > 0) - return new_size; + return (size_t)new_size; DEBUG("sockets send buffer size is not positive\n"); return INTERFACE_DEFAULT_OUT_BUFFER_SIZE; } #else /* !SO_SNDBUF */ -static int get_default_snd_buf_size(Interface * interface) +static size_t get_default_snd_buf_size(Interface * interface) { return INTERFACE_DEFAULT_OUT_BUFFER_SIZE; } @@ -112,7 +112,7 @@ static int get_default_snd_buf_size(Interface * interface) static void set_send_buf_size(Interface * interface) { - int new_size = get_default_snd_buf_size(interface); + size_t new_size = get_default_snd_buf_size(interface); if (interface->send_buf_size != new_size) { interface->send_buf_size = new_size; /* don't resize to get smaller, only bigger */ @@ -313,12 +313,12 @@ static int processLineOfInput(Interface * interface) if (interface->cmd_list_size > interface_max_command_list_size) { ERROR("interface %i: command " - "list size (%i) is " + "list size (%lu) is " "larger than the max " - "(%li)\n", + "(%lu)\n", interface->num, - interface->cmd_list_size, - (long)interface_max_command_list_size); + (unsigned long)interface->cmd_list_size, + (unsigned long)interface_max_command_list_size); closeInterface(interface); ret = COMMAND_RETURN_CLOSE; } else @@ -642,14 +642,14 @@ void closeOldInterfaces(void) static void flushInterfaceBuffer(Interface * interface) { struct sllnode *buf; - int ret = 0; + ssize_t ret = 0; buf = interface->deferred_send; while (buf) { ret = write(interface->fd, buf->data, buf->size); if (ret < 0) break; - else if (ret < buf->size) { + else if ((size_t)ret < buf->size) { interface->deferred_bytes -= ret; buf->data = (char *)buf->data + ret; buf->size -= ret; @@ -665,8 +665,8 @@ static void flushInterfaceBuffer(Interface * interface) } if (!interface->deferred_send) { - DEBUG("interface %i: buffer empty %i\n", interface->num, - interface->deferred_bytes); + DEBUG("interface %i: buffer empty %lu\n", interface->num, + (unsigned long)interface->deferred_bytes); assert(interface->deferred_bytes == 0); } else if (ret < 0 && errno != EAGAIN && errno != EINTR) { /* cause interface to close */ @@ -684,10 +684,10 @@ static void flushInterfaceBuffer(Interface * interface) } } -int interfacePrintWithFD(int fd, char *buffer, int buflen) +int interfacePrintWithFD(int fd, char *buffer, size_t buflen) { static int i; - int copylen; + size_t copylen; Interface *interface; assert(fd >= 0); @@ -709,7 +709,7 @@ int interfacePrintWithFD(int fd, char *buffer, int buflen) interface = interfaces + i; while (buflen > 0 && !interface->expired) { - int left = interface->send_buf_size - interface->send_buf_used; + size_t left = interface->send_buf_size - interface->send_buf_used; copylen = buflen > left ? left : buflen; memcpy(interface->send_buf + interface->send_buf_used, buffer, copylen); @@ -725,7 +725,7 @@ int interfacePrintWithFD(int fd, char *buffer, int buflen) static void printInterfaceOutBuffer(Interface * interface) { - int ret; + ssize_t ret; struct sllnode *buf; if (interface->fd < 0 || interface->expired || @@ -770,7 +770,7 @@ static void printInterfaceOutBuffer(Interface * interface) interface->expired = 1; return; } - } else if (ret < interface->send_buf_used) { + } else if ((size_t)ret < interface->send_buf_used) { interface->deferred_send = new_sllnode(interface->send_buf + ret, interface->send_buf_used - ret); diff --git a/src/interface.h b/src/interface.h index 70ba424dc..389e47136 100644 --- a/src/interface.h +++ b/src/interface.h @@ -26,7 +26,7 @@ void initInterfaces(void); void openAInterface(int fd, struct sockaddr *addr); void freeAllInterfaces(void); void closeOldInterfaces(void); -int interfacePrintWithFD(int fd, char *buffer, int len); +int interfacePrintWithFD(int fd, char *buffer, size_t len); int doIOForInterfaces(void); diff --git a/src/ls.c b/src/ls.c index 53e4c330d..3032935c6 100644 --- a/src/ls.c +++ b/src/ls.c @@ -112,10 +112,10 @@ int lsPlaylists(int fd, const char *utf8path) char *actualPath = rpp2app_r(path_max_tmp, utf8_to_fs_charset(path_max_tmp, utf8path)); - int actlen = strlen(actualPath) + 1; - int maxlen = MPD_PATH_MAX - actlen; - int suflen = strlen(PLAYLIST_FILE_SUFFIX) + 1; - int suff; + size_t actlen = strlen(actualPath) + 1; + size_t maxlen = MPD_PATH_MAX - actlen; + size_t suflen = strlen(PLAYLIST_FILE_SUFFIX) + 1; + ssize_t suff; if (actlen > MPD_PATH_MAX - 1 || (dir = opendir(actualPath)) == NULL) { return 0; @@ -131,7 +131,7 @@ int lsPlaylists(int fd, const char *utf8path) duplicated = ent->d_name; if (mpd_likely(len <= maxlen) && duplicated[0] != '.' && - (suff = strlen(duplicated) - suflen) > 0 && + (suff = (ssize_t)(strlen(duplicated) - suflen)) > 0 && duplicated[suff] == '.' && strcmp(duplicated + suff + 1, PLAYLIST_FILE_SUFFIX) == 0) { memcpy(s + actlen, ent->d_name, len); diff --git a/src/myfprintf.c b/src/myfprintf.c index fdea2b78f..2f8ea7723 100644 --- a/src/myfprintf.c +++ b/src/myfprintf.c @@ -30,7 +30,7 @@ static void blockingWrite(const int fd, const char *string, size_t len) { while (len) { ssize_t ret = xwrite(fd, string, len); - if (ret == len) + if (ret == (ssize_t)len) return; if (ret >= 0) { len -= ret; diff --git a/src/outputBuffer.c b/src/outputBuffer.c index 04770b478..25325ecb7 100644 --- a/src/outputBuffer.c +++ b/src/outputBuffer.c @@ -66,7 +66,7 @@ void flushOutputBuffer(OutputBuffer * cb) int sendDataToOutputBuffer(OutputBuffer * cb, InputStream * inStream, DecoderControl * dc, int seekable, void *dataIn, - long dataInLen, float data_time, mpd_uint16 bitRate, + size_t dataInLen, float data_time, mpd_uint16 bitRate, ReplayGainInfo * replayGainInfo) { mpd_uint16 dataToSend; @@ -74,7 +74,7 @@ int sendDataToOutputBuffer(OutputBuffer * cb, InputStream * inStream, char *data; size_t datalen; static char *convBuffer; - static long convBufferLen; + static size_t convBufferLen; if (cmpAudioFormat(&(cb->audioFormat), &(dc->audioFormat)) == 0) { data = dataIn; diff --git a/src/outputBuffer.h b/src/outputBuffer.h index f690941d4..150748328 100644 --- a/src/outputBuffer.h +++ b/src/outputBuffer.h @@ -58,7 +58,7 @@ int sendDataToOutputBuffer(OutputBuffer * cb, DecoderControl * dc, int seekable, void *data, - long datalen, + size_t datalen, float time, mpd_uint16 bitRate, ReplayGainInfo * replayGainInfo); diff --git a/src/pcm_utils.c b/src/pcm_utils.c index d11d4d42f..be32729f0 100644 --- a/src/pcm_utils.c +++ b/src/pcm_utils.c @@ -359,7 +359,7 @@ static char *pcm_convertTo16bit(mpd_sint8 bits, char *inBuffer, size_t inSize, char *outBuffer = NULL; mpd_sint8 *in; mpd_sint16 *out; - int i; + size_t i; switch (bits) { case 8: diff --git a/src/tag.c b/src/tag.c index b3645e007..eb971ecdc 100644 --- a/src/tag.c +++ b/src/tag.c @@ -466,8 +466,8 @@ MpdTag *apeDup(char *file) int tagCount; char *buffer = NULL; char *p; - int tagLen; - int size; + size_t tagLen; + size_t size; unsigned long flags; int i; char *key; @@ -508,7 +508,7 @@ MpdTag *apeDup(char *file) /* determine if file has an apeV2 tag */ if (fseek(fp, 0, SEEK_END)) goto fail; - size = ftell(fp); + size = (size_t)ftell(fp); if (fseek(fp, size - sizeof(footer), SEEK_SET)) goto fail; if (fread(&footer, 1, sizeof(footer), fp) != sizeof(footer)) @@ -554,7 +554,7 @@ MpdTag *apeDup(char *file) tagLen--; /* get the value */ - if (tagLen - size < 0) + if (tagLen < size) goto fail; /* we only care about utf-8 text tags */ -- cgit v1.2.3