Skip to content

Commit

Permalink
Simplify bounds checks
Browse files Browse the repository at this point in the history 
We can save a lot of work this way.
  • Loading branch information
@AZero13
AZero13 committed Oct 17, 2023
1 parent 2e931c9 commit 322f42e
Show file tree
Hide file tree
Showing 17 changed files with 115 additions and 100 deletions.
23 changes: 15 additions & 8 deletions backend/dnssd.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1085,12 +1085,13 @@ query_callback(

if (!_cups_strncasecmp(key, "usb_", 4))
{
size_t device_id_len = strlen(device_id);
/*
* Add USB device ID information...
*/

ptr = device_id + strlen(device_id);
snprintf(ptr, sizeof(device_id) - (size_t)(ptr - device_id), "%s:%s;", key + 4, value);
ptr = device_id + device_id_len;
snprintf(ptr, sizeof(device_id) - device_id_len, "%s:%s;", key + 4, value);
}

if (!_cups_strcasecmp(key, "usb_MFG") || !_cups_strcasecmp(key, "usb_MANU") ||
Expand All @@ -1102,9 +1103,12 @@ query_callback(
{
if (value[0] == '(')
{
/*
* Strip parenthesis...
*/
size_t val_len = strlen(value);
/*
* Strip parenthesis...
*/
if (val_len > 1 && value[val_len - 1] == ')')
value[val_len - 1] = '\0';

if ((ptr = value + strlen(value) - 1) > value && *ptr == ')')
*ptr = '\0';
Expand Down Expand Up @@ -1189,7 +1193,7 @@ query_callback(
char *valptr = value + strlen(value);
/* Pointer into value */

if (valptr < (value + sizeof(value) - 1))
if (valptr < (value + (sizeof(value) - 1)))
*valptr++ = ',';

ptr += 6;
Expand All @@ -1204,8 +1208,11 @@ query_callback(
*valptr = '\0';
}

ptr = device_id + strlen(device_id);
snprintf(ptr, sizeof(device_id) - (size_t)(ptr - device_id), "CMD:%s;", value + 1);
{
size_t device_len = strlen(device_id);
ptr = device_id + device_len;
snprintf(ptr, sizeof(device_id) - device_len, "CMD:%s;", value + 1);
}
}

if (device_id[0])
Expand Down
12 changes: 6 additions & 6 deletions backend/network.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,7 @@ backendNetworkSideCB(
const char *snmp_count; /* CUPS_SNMP_COUNT env var */
int count; /* Repetition count */

datalen = (int)strlen(data);
if ((snmp_count = getenv("CUPS_SNMP_COUNT")) != NULL)
{
if ((count = atoi(snmp_count)) <= 0)
Expand All @@ -178,16 +179,15 @@ backendNetworkSideCB(
else
count = 1;

for (dataptr = data + strlen(data) + 1;
count > 0 && dataptr < (data + sizeof(data) - 1);
for (dataptr = data + datalen + 1;
count > 0 && dataptr < (data + (sizeof(data) - 1));
count --, dataptr += strlen(dataptr))
cupsCopyString(dataptr, snmp_value, sizeof(data) - (size_t)(dataptr - data));

fprintf(stderr, "DEBUG: Returning %s %s\n", data,
data + strlen(data) + 1);
data + datalen);

status = CUPS_SC_STATUS_OK;
datalen = (int)(dataptr - data);
break;
}

Expand All @@ -210,7 +210,7 @@ backendNetworkSideCB(
{
if (_cupsSNMPRead(snmp_fd, &packet, 1.0))
{
size_t i; /* Looping var */
unsigned i; /* Looping var */


if (!_cupsSNMPOIDToString(packet.object_name, data, sizeof(data)))
Expand Down Expand Up @@ -240,7 +240,7 @@ backendNetworkSideCB(
if (packet.object_value.string.num_bytes < (sizeof(data) - (size_t)(dataptr - data)))
i = packet.object_value.string.num_bytes;
else
i = sizeof(data) - (size_t)(dataptr - data);
i = (unsigned)sizeof(data) - (size_t)(dataptr - data);

memcpy(dataptr, packet.object_value.string.bytes, i);

Expand Down
12 changes: 6 additions & 6 deletions cgi-bin/ipp-var.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,13 +97,13 @@ cgiGetAttributes(ipp_t *request, /* I - IPP request */
break;
else if (nameptr > name && ch == '?')
break;
else if (nameptr < (name + sizeof(name) - 1))
{
if (ch == '_')
else if (nameptr < (name + (sizeof(name) - 1)))
{
if (ch == '_')
*nameptr++ = '-';
else
*nameptr++ = (char)ch;
}
}

*nameptr = '\0';

Expand Down Expand Up @@ -875,7 +875,7 @@ cgiRewriteURL(const char *uri, /* I - Current URI */
*resptr++ = hexchars[*rawptr & 15];
}
}
else if (resptr < (resource + sizeof(resource) - 1))
else if (resptr < (resource + (sizeof(resource) - 1)))
*resptr++ = *rawptr;

*resptr = '\0';
Expand Down Expand Up @@ -967,7 +967,7 @@ cgiSetIPPObjectVars(
else
nameptr = name;

for (i = 0; attr->name[i] && nameptr < (name + sizeof(name) - 1); i ++)
for (i = 0; attr->name[i] && nameptr < (name + (sizeof(name) - 1)); i++)
if (attr->name[i] == '-')
*nameptr++ = '_';
else
Expand Down
6 changes: 3 additions & 3 deletions cgi-bin/template.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,7 +249,7 @@ cgi_copy(FILE *out, /* I - Output file */
uriencode = 1;
else if (s > name && ch == '?')
break;
else if (s < (name + sizeof(name) - 1))
else if (s < (name + (sizeof(name) - 1)))
*s++ = (char)ch;

*s = '\0';
Expand Down Expand Up @@ -454,8 +454,8 @@ cgi_copy(FILE *out, /* I - Output file */
for (s = compare; (ch = getc(in)) != EOF;)
if (ch == '?')
break;
else if (s >= (compare + sizeof(compare) - 1))
continue;
else if (s >= (compare + (sizeof(compare) - 1)))
continue;
else if (ch == '#')
{
snprintf(s, sizeof(compare) - (size_t)(s - compare), "%d", element + 1);
Expand Down
12 changes: 6 additions & 6 deletions cgi-bin/var.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -651,7 +651,7 @@ cgi_initialize_cookies(void)
*/

for (ptr = name; *cookie && *cookie != '=';)
if (ptr < (name + sizeof(name) - 1))
if (ptr < (name + (sizeof(name) - 1)))
{
*ptr++ = *cookie++;
}
Expand All @@ -674,7 +674,7 @@ cgi_initialize_cookies(void)
if (*cookie == '\"')
{
for (cookie ++, ptr = value; *cookie && *cookie != '\"';)
if (ptr < (value + sizeof(value) - 1))
if (ptr < (value + (sizeof(value) - 1)))
{
*ptr++ = *cookie++;
}
Expand All @@ -692,7 +692,7 @@ cgi_initialize_cookies(void)
else
{
for (ptr = value; *cookie && *cookie != ';';)
if (ptr < (value + sizeof(value) - 1))
if (ptr < (value + (sizeof(value) - 1)))
{
*ptr++ = *cookie++;
}
Expand Down Expand Up @@ -1103,7 +1103,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */
break;

case '+' : /* Escaped space character */
if (s < (value + sizeof(value) - 1))
if (s < (value + (sizeof(value) - 1)))
*s++ = ' ';
break;

Expand All @@ -1115,7 +1115,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */
if (!isxdigit(data[1] & 255) || !isxdigit(data[2] & 255))
return (0);

if (s < (value + sizeof(value) - 1))
if (s < (value + (sizeof(value) - 1)))
{
data ++;
ch = *data - '0';
Expand All @@ -1134,7 +1134,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */
break;

default : /* Other characters come straight through */
if (*data >= ' ' && s < (value + sizeof(value) - 1))
if (*data >= ' ' && s < (value + (sizeof(value) - 1)))
*s++ = *data;
break;
}
Expand Down
12 changes: 6 additions & 6 deletions cups/debug.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -405,7 +405,7 @@ _cups_safe_vsnprintf(

while (isdigit(*format & 255))
{
if (tptr < (tformat + sizeof(tformat) - 1))
if (tptr < (tformat + (sizeof(tformat) - 1)))
*tptr++ = *format;

width = width * 10 + *format++ - '0';
Expand All @@ -414,7 +414,7 @@ _cups_safe_vsnprintf(

if (*format == '.')
{
if (tptr < (tformat + sizeof(tformat) - 1))
if (tptr < (tformat + (sizeof(tformat) - 1)))
*tptr++ = *format;

format ++;
Expand All @@ -437,7 +437,7 @@ _cups_safe_vsnprintf(

while (isdigit(*format & 255))
{
if (tptr < (tformat + sizeof(tformat) - 1))
if (tptr < (tformat + (sizeof(tformat) - 1)))
*tptr++ = *format;

prec = prec * 10 + *format++ - '0';
Expand All @@ -459,8 +459,8 @@ _cups_safe_vsnprintf(
}
else if (*format == 'h' || *format == 'l' || *format == 'L')
{
if (tptr < (tformat + sizeof(tformat) - 1))
*tptr++ = *format;
if (tptr < (tformat + (sizeof(tformat) - 1)))
*tptr++ = *format;

size = *format++;
}
Expand All @@ -470,7 +470,7 @@ _cups_safe_vsnprintf(
if (!*format)
break;

if (tptr < (tformat + sizeof(tformat) - 1))
if (tptr < (tformat + (sizeof(tformat) - 1)))
*tptr++ = *format;

type = *format++;
Expand Down
3 changes: 3 additions & 0 deletions cups/dest.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3859,6 +3859,9 @@ cups_queue_name(
const char *ptr; // Pointer into serviceName
char *nameptr; // Pointer into name

if (namesize == 0) {
return;
}

for (nameptr = name, ptr = serviceName; *ptr && nameptr < (name + namesize - 1); ptr ++)
{
Expand Down
5 changes: 2 additions & 3 deletions cups/encode.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -862,10 +862,9 @@ cupsEncodeOptions2(
const char * /* O - First out-of-order option or NULL */
_ippCheckOptions(void)
{
int i; /* Looping var */
size_t i; /* Looping var */


for (i = 0; i < (int)(sizeof(ipp_options) / sizeof(ipp_options[0]) - 1); i ++)
for (i = 0; i < sizeof(ipp_options) / sizeof(ipp_options[0]) - 1; i++)
if (strcmp(ipp_options[i].name, ipp_options[i + 1].name) >= 0)
return (ipp_options[i + 1].name);

Expand Down
Loading

0 comments on commit 322f42e

Please sign in to comment.