From a82c089ed9f856e0e4fc38247eea0e7d1c40fd7d Mon Sep 17 00:00:00 2001 From: Rose <83477269+AtariDreams@users.noreply.github.com> Date: Thu, 27 Apr 2023 12:14:29 -0400 Subject: [PATCH] Simplify bounds checks We can save a lot of work this way. --- backend/dnssd.c | 2 +- cgi-bin/ipp-var.c | 6 +++--- cgi-bin/template.c | 4 ++-- cgi-bin/var.c | 12 ++++++------ cups/debug.c | 10 +++++----- cups/dest.c | 3 +++ cups/encode.c | 5 ++--- cups/http-addrlist.c | 42 ++++++++++++++++++++++-------------------- scheduler/auth.c | 9 +++++---- scheduler/log.c | 13 ++++++------- scheduler/printers.c | 15 +++++---------- tools/ippeveprinter.c | 24 ++++++++++++------------ tools/ippfind.c | 2 +- tools/ipptool.c | 4 ++++ 14 files changed, 77 insertions(+), 74 deletions(-) diff --git a/backend/dnssd.c b/backend/dnssd.c index ba98826757..f3c60d0abf 100644 --- a/backend/dnssd.c +++ b/backend/dnssd.c @@ -1189,7 +1189,7 @@ query_callback( char *valptr = value + strlen(value); /* Pointer into value */ - if (valptr < (value + sizeof(value) - 1)) + if (valptr < (value + (sizeof(value) - 1))) *valptr++ = ','; ptr += 6; diff --git a/cgi-bin/ipp-var.c b/cgi-bin/ipp-var.c index ade70deac2..9f6def3529 100644 --- a/cgi-bin/ipp-var.c +++ b/cgi-bin/ipp-var.c @@ -97,7 +97,7 @@ cgiGetAttributes(ipp_t *request, /* I - IPP request */ break; else if (nameptr > name && ch == '?') break; - else if (nameptr < (name + sizeof(name) - 1)) + else if (nameptr < (name + (sizeof(name) - 1))) { if (ch == '_') *nameptr++ = '-'; @@ -875,7 +875,7 @@ cgiRewriteURL(const char *uri, /* I - Current URI */ *resptr++ = hexchars[*rawptr & 15]; } } - else if (resptr < (resource + sizeof(resource) - 1)) + else if (resptr < (resource + (sizeof(resource) - 1))) *resptr++ = *rawptr; *resptr = '\0'; @@ -967,7 +967,7 @@ cgiSetIPPObjectVars( else nameptr = name; - for (i = 0; attr->name[i] && nameptr < (name + sizeof(name) - 1); i ++) + for (i = 0; attr->name[i] && nameptr < (name + (sizeof(name) - 1)); i++) if (attr->name[i] == '-') *nameptr++ = '_'; else diff --git a/cgi-bin/template.c b/cgi-bin/template.c index acd3f43140..c782567d06 100644 --- a/cgi-bin/template.c +++ b/cgi-bin/template.c @@ -249,7 +249,7 @@ cgi_copy(FILE *out, /* I - Output file */ uriencode = 1; else if (s > name && ch == '?') break; - else if (s < (name + sizeof(name) - 1)) + else if (s < (name + (sizeof(name) - 1))) *s++ = (char)ch; *s = '\0'; @@ -454,7 +454,7 @@ cgi_copy(FILE *out, /* I - Output file */ for (s = compare; (ch = getc(in)) != EOF;) if (ch == '?') break; - else if (s >= (compare + sizeof(compare) - 1)) + else if (s >= (compare + (sizeof(compare) - 1))) continue; else if (ch == '#') { diff --git a/cgi-bin/var.c b/cgi-bin/var.c index b2bcb00720..09c3c520c8 100644 --- a/cgi-bin/var.c +++ b/cgi-bin/var.c @@ -651,7 +651,7 @@ cgi_initialize_cookies(void) */ for (ptr = name; *cookie && *cookie != '=';) - if (ptr < (name + sizeof(name) - 1)) + if (ptr < (name + (sizeof(name) - 1))) { *ptr++ = *cookie++; } @@ -674,7 +674,7 @@ cgi_initialize_cookies(void) if (*cookie == '\"') { for (cookie ++, ptr = value; *cookie && *cookie != '\"';) - if (ptr < (value + sizeof(value) - 1)) + if (ptr < (value + (sizeof(value) - 1))) { *ptr++ = *cookie++; } @@ -692,7 +692,7 @@ cgi_initialize_cookies(void) else { for (ptr = value; *cookie && *cookie != ';';) - if (ptr < (value + sizeof(value) - 1)) + if (ptr < (value + (sizeof(value) - 1))) { *ptr++ = *cookie++; } @@ -1103,7 +1103,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */ break; case '+' : /* Escaped space character */ - if (s < (value + sizeof(value) - 1)) + if (s < (value + (sizeof(value) - 1))) *s++ = ' '; break; @@ -1115,7 +1115,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */ if (!isxdigit(data[1] & 255) || !isxdigit(data[2] & 255)) return (0); - if (s < (value + sizeof(value) - 1)) + if (s < (value + (sizeof(value) - 1))) { data ++; ch = *data - '0'; @@ -1134,7 +1134,7 @@ cgi_initialize_string(const char *data) /* I - Form data string */ break; default : /* Other characters come straight through */ - if (*data >= ' ' && s < (value + sizeof(value) - 1)) + if (*data >= ' ' && s < (value + (sizeof(value) - 1))) *s++ = *data; break; } diff --git a/cups/debug.c b/cups/debug.c index 714e7f912c..e34883a4fb 100644 --- a/cups/debug.c +++ b/cups/debug.c @@ -405,7 +405,7 @@ _cups_safe_vsnprintf( while (isdigit(*format & 255)) { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; width = width * 10 + *format++ - '0'; @@ -414,7 +414,7 @@ _cups_safe_vsnprintf( if (*format == '.') { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; format ++; @@ -437,7 +437,7 @@ _cups_safe_vsnprintf( while (isdigit(*format & 255)) { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; prec = prec * 10 + *format++ - '0'; @@ -459,7 +459,7 @@ _cups_safe_vsnprintf( } else if (*format == 'h' || *format == 'l' || *format == 'L') { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; size = *format++; @@ -470,7 +470,7 @@ _cups_safe_vsnprintf( if (!*format) break; - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; type = *format++; diff --git a/cups/dest.c b/cups/dest.c index 906d2bd5c8..93ef9ed976 100644 --- a/cups/dest.c +++ b/cups/dest.c @@ -3859,6 +3859,9 @@ cups_queue_name( const char *ptr; // Pointer into serviceName char *nameptr; // Pointer into name + if (namesize == 0) { + return; + } for (nameptr = name, ptr = serviceName; *ptr && nameptr < (name + namesize - 1); ptr ++) { diff --git a/cups/encode.c b/cups/encode.c index 735c2d3c19..ff5ebd2ad0 100644 --- a/cups/encode.c +++ b/cups/encode.c @@ -862,10 +862,9 @@ cupsEncodeOptions2( const char * /* O - First out-of-order option or NULL */ _ippCheckOptions(void) { - int i; /* Looping var */ + size_t i; /* Looping var */ - - for (i = 0; i < (int)(sizeof(ipp_options) / sizeof(ipp_options[0]) - 1); i ++) + for (i = 0; i < sizeof(ipp_options) / sizeof(ipp_options[0]) - 1; i++) if (strcmp(ipp_options[i].name, ipp_options[i + 1].name) >= 0) return (ipp_options[i + 1].name); diff --git a/cups/http-addrlist.c b/cups/http-addrlist.c index 28f16a3198..d1cff0b3c7 100644 --- a/cups/http-addrlist.c +++ b/cups/http-addrlist.c @@ -57,13 +57,20 @@ httpAddrConnect2( { int val; /* Socket option value */ #ifndef _WIN32 - int i, j, /* Looping vars */ - flags, /* Socket flags */ - result; /* Result from select() or poll() */ + unsigned i, j; /* Looping vars */ + int flags, /* Socket flags */ + result; /* Result from select() or poll() */ #endif /* !_WIN32 */ int remaining; /* Remaining timeout */ + +# ifdef _WIN32 int nfds, /* Number of file descriptors */ fds[100]; /* Socket file descriptors */ +#else + nfds_t nfds; /* Number of file descriptors */ + int fds[100]; /* Socket file descriptors */ +#endif + http_addrlist_t *addrs[100]; /* Addresses */ int max_fd = -1; /* Highest file descriptor */ #ifdef O_NONBLOCK @@ -108,14 +115,13 @@ httpAddrConnect2( { while (nfds > 0) { - nfds --; - httpAddrClose(NULL, fds[nfds]); + httpAddrClose(NULL, fds[--nfds]); } return (NULL); } - if (addrlist && nfds < (int)(sizeof(fds) / sizeof(fds[0]))) + if (addrlist && nfds < (sizeof(fds) / sizeof(fds[0]))) { /* * Create the socket... @@ -196,8 +202,7 @@ httpAddrConnect2( while (nfds > 0) { - nfds --; - httpAddrClose(NULL, fds[nfds]); + httpAddrClose(NULL, fds[--nfds]); } return (addrlist); @@ -222,8 +227,7 @@ httpAddrConnect2( if (fds[nfds] > max_fd) max_fd = fds[nfds]; - addrs[nfds] = addrlist; - nfds ++; + addrs[nfds++] = addrlist; addrlist = addrlist->next; } @@ -256,8 +260,7 @@ httpAddrConnect2( while (nfds > 0) { - nfds --; - httpAddrClose(NULL, fds[nfds]); + httpAddrClose(NULL, fds[--nfds]); } *sock = -1; @@ -271,7 +274,7 @@ httpAddrConnect2( pfds[i].events = POLLIN | POLLOUT; } - result = poll(pfds, (nfds_t)nfds, addrlist ? 100 : remaining > 250 ? 250 : remaining); + result = poll(pfds, nfds, addrlist ? 100 : remaining > 250 ? 250 : remaining); DEBUG_printf("1httpAddrConnect2: poll() returned %d (%d)", result, errno); } @@ -364,8 +367,7 @@ httpAddrConnect2( while (nfds > 0) { - nfds --; - httpAddrClose(NULL, fds[nfds]); + httpAddrClose(NULL, fds[--nfds]); } #ifdef _WIN32 @@ -471,7 +473,7 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p *temp; /* New address */ char ipv6[64], /* IPv6 address */ *ipv6zone; /* Pointer to zone separator */ - int ipv6len; /* Length of IPv6 address */ + size_t ipv6len; /* Length of IPv6 address */ _cups_globals_t *cg = _cupsGlobals(); /* Global data */ @@ -565,9 +567,9 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p */ cupsCopyString(ipv6, hostname + 4, sizeof(ipv6)); - if ((ipv6len = (int)strlen(ipv6) - 1) >= 0 && ipv6[ipv6len] == ']') + if ((ipv6len = strlen(ipv6) - 1) >= 0 && ipv6[ipv6len] == ']') { - ipv6[ipv6len] = '\0'; + ipv6[ipv6len - 1] = '\0'; hostname = ipv6; /* @@ -585,9 +587,9 @@ httpAddrGetList(const char *hostname, /* I - Hostname, IP address, or NULL for p */ cupsCopyString(ipv6, hostname + 1, sizeof(ipv6)); - if ((ipv6len = (int)strlen(ipv6) - 1) >= 0 && ipv6[ipv6len] == ']') + if ((ipv6len = strlen(ipv6) - 1) >= 0 && ipv6[ipv6len] == ']') { - ipv6[ipv6len] = '\0'; + ipv6[ipv6len - 1] = '\0'; hostname = ipv6; } } diff --git a/scheduler/auth.c b/scheduler/auth.c index 80cf59fc99..e08a081d27 100644 --- a/scheduler/auth.c +++ b/scheduler/auth.c @@ -1331,8 +1331,9 @@ cupsdFindBest(const char *path, /* I - Resource path */ if ((uriptr = strchr(uri, '?')) != NULL) *uriptr = '\0'; /* Drop trailing query string */ - if ((uriptr = uri + strlen(uri) - 1) > uri && *uriptr == '/') - *uriptr = '\0'; /* Remove trailing '/' */ + bestlen = strlen(uri); + if (bestlen > 1 && uri[bestlen - 1] == '/') + uri[bestlen - 1] = '\0'; /* Remove trailing '/' */ if (!strncmp(uri, "/printers/", 10) || !strncmp(uri, "/classes/", 9)) @@ -1341,7 +1342,7 @@ cupsdFindBest(const char *path, /* I - Resource path */ * Check if the URI has .ppd on the end... */ - uriptr = uri + strlen(uri) - 4; /* len > 4 if we get here... */ + uriptr = uri + bestlen - 4; /* len > 4 if we get here... */ if (!strcmp(uriptr, ".ppd")) *uriptr = '\0'; @@ -1362,7 +1363,7 @@ cupsdFindBest(const char *path, /* I - Resource path */ loc; loc = (cupsd_location_t *)cupsArrayNext(Locations)) { - cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindBest: Location %s(%d) Limit %x", loc->location ? loc->location : "(null)", (int)loc->length, loc->limit); + cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFindBest: Location %s(%u) Limit %x", loc->location ? loc->location : "(null)", (unsigned)loc->length, loc->limit); if (!strncmp(uri, "/printers/", 10) || !strncmp(uri, "/classes/", 9)) { diff --git a/scheduler/log.c b/scheduler/log.c index 267ce77a04..58cf88a7f6 100644 --- a/scheduler/log.c +++ b/scheduler/log.c @@ -156,8 +156,7 @@ cupsdCheckLogFile(cups_file_t **lf, /* IO - Log file */ filename[0] = '\0'; for (logptr = logname, ptr = filename + strlen(filename); - *logptr && ptr < (filename + sizeof(filename) - 1); - logptr ++) + *logptr && ptr < (filename + (sizeof(filename) - 1)); logptr++) if (*logptr == '%') { /* @@ -801,7 +800,7 @@ cupsdLogPage(cupsd_job_t *job, /* I - Job being printed */ switch (*format) { case '%' : /* Literal % */ - if (bufptr < (buffer + sizeof(buffer) - 1)) + if (bufptr < (buffer + (sizeof(buffer) - 1))) *bufptr++ = '%'; break; @@ -875,7 +874,7 @@ cupsdLogPage(cupsd_job_t *job, /* I - Job being printed */ for (i = 0; i < attr->num_values && - bufptr < (buffer + sizeof(buffer) - 1); + bufptr < (buffer + (sizeof(buffer) - 1)); i ++) { if (i) @@ -934,13 +933,13 @@ cupsdLogPage(cupsd_job_t *job, /* I - Job being printed */ } } } - else if (bufptr < (buffer + sizeof(buffer) - 1)) + else if (bufptr < (buffer + (sizeof(buffer) - 1))) *bufptr++ = '-'; break; } default : - if (bufptr < (buffer + sizeof(buffer) - 2)) + if (bufptr < (buffer + (sizeof(buffer) - 2))) { *bufptr++ = '%'; *bufptr++ = *format; @@ -948,7 +947,7 @@ cupsdLogPage(cupsd_job_t *job, /* I - Job being printed */ break; } } - else if (bufptr < (buffer + sizeof(buffer) - 1)) + else if (bufptr < (buffer + (sizeof(buffer) - 1))) *bufptr++ = *format; } diff --git a/scheduler/printers.c b/scheduler/printers.c index 7bca3bdc9b..89b52c7445 100644 --- a/scheduler/printers.c +++ b/scheduler/printers.c @@ -1577,9 +1577,7 @@ cupsdSaveAllPrinters(void) snprintf(value, sizeof(value), "%s ", marker->name); for (i = 0, ptr = value + strlen(value); - i < marker->num_values && ptr < (value + sizeof(value) - 1); - i ++) - { + i < marker->num_values && ptr < (value + (sizeof(value) - 1)); i++) { if (i) *ptr++ = ','; @@ -1636,9 +1634,7 @@ cupsdSaveAllPrinters(void) snprintf(value, sizeof(value), "%s ", marker->name); for (i = 0, ptr = value + strlen(value); - i < marker->num_values && ptr < (value + sizeof(value) - 1); - i ++) - { + i < marker->num_values && ptr < (value + (sizeof(value) - 1)); i++) { if (i) *ptr++ = ','; @@ -1656,8 +1652,7 @@ cupsdSaveAllPrinters(void) snprintf(value, sizeof(value), "%s ", marker->name); for (i = 0, ptr = value + strlen(value); - i < marker->num_values && ptr < (value + sizeof(value) - 1); - i ++) + i < marker->num_values && ptr < (value + (sizeof(value) - 1)); i++) { if (i) *ptr++ = ','; @@ -2144,7 +2139,7 @@ cupsdSetPrinterAttr( level = ippGetInteger(levels, i); type = ippGetString(types, i, NULL); - for (psptr = pstype; *type && psptr < (pstype + sizeof(pstype) - 1); type ++) + for (psptr = pstype; *type && psptr < (pstype + (sizeof(pstype) - 1)); type++) if (*type == '-') { type ++; @@ -2590,7 +2585,7 @@ cupsdSetPrinterReasons( sptr ++; for (rptr = reason; *sptr && !isspace(*sptr & 255) && *sptr != ','; sptr ++) - if (rptr < (reason + sizeof(reason) - 1)) + if (rptr < (reason + (sizeof(reason) - 1))) *rptr++ = *sptr; if (rptr == reason) diff --git a/tools/ippeveprinter.c b/tools/ippeveprinter.c index d9bc582001..8cfaf9e2e9 100644 --- a/tools/ippeveprinter.c +++ b/tools/ippeveprinter.c @@ -1107,7 +1107,7 @@ create_job_file( if ((job_name = ippGetString(ippFindAttribute(job->attrs, "job-name", IPP_TAG_NAME), 0, NULL)) == NULL) job_name = "untitled"; - for (nameptr = name; *job_name && nameptr < (name + sizeof(name) - 1); job_name ++) + for (nameptr = name; *job_name && nameptr < (name + (sizeof(name) - 1)); job_name++) { if (isalnum(*job_name & 255) || *job_name == '-') { @@ -2641,7 +2641,7 @@ html_printf(ippeve_client_t *client, // I - Client while (isdigit(*format & 255)) { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; width = width * 10 + *format++ - '0'; @@ -2650,8 +2650,8 @@ html_printf(ippeve_client_t *client, // I - Client if (*format == '.') { - if (tptr < (tformat + sizeof(tformat) - 1)) - *tptr++ = *format; + if (tptr < (tformat + (sizeof(tformat) - 1))) + *tptr++ = *format; format ++; @@ -2670,7 +2670,7 @@ html_printf(ippeve_client_t *client, // I - Client while (isdigit(*format & 255)) { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; prec = prec * 10 + *format++ - '0'; @@ -2692,7 +2692,7 @@ html_printf(ippeve_client_t *client, // I - Client } else if (*format == 'h' || *format == 'l' || *format == 'L') { - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; size = *format++; @@ -2706,7 +2706,7 @@ html_printf(ippeve_client_t *client, // I - Client break; } - if (tptr < (tformat + sizeof(tformat) - 1)) + if (tptr < (tformat + (sizeof(tformat) - 1))) *tptr++ = *format; type = *format++; @@ -4419,7 +4419,7 @@ load_legacy_attributes( ptr += strlen(ptr); prefix = ","; } - if (ptr < (device_id + sizeof(device_id) - 1)) + if (ptr < (device_id + (sizeof(device_id) - 1))) { *ptr++ = ';'; *ptr = '\0'; @@ -5855,13 +5855,13 @@ register_printer( if (!strcasecmp(value, "application/octet-stream")) continue; - if (ptr > formats && ptr < (formats + sizeof(formats) - 1)) + if (ptr > formats && ptr < (formats + (sizeof(formats) - 1))) *ptr++ = ','; cupsCopyString(ptr, value, sizeof(formats) - (size_t)(ptr - formats)); ptr += strlen(ptr); - if (ptr >= (formats + sizeof(formats) - 1)) + if (ptr >= (formats + (sizeof(formats) - 1))) break; } @@ -5870,13 +5870,13 @@ register_printer( { value = ippGetString(urf_supported, i, NULL); - if (ptr > urf && ptr < (urf + sizeof(urf) - 1)) + if (ptr > urf && ptr < (urf + (sizeof(urf) - 1))) *ptr++ = ','; cupsCopyString(ptr, value, sizeof(urf) - (size_t)(ptr - urf)); ptr += strlen(ptr); - if (ptr >= (urf + sizeof(urf) - 1)) + if (ptr >= (urf + (sizeof(urf) - 1))) break; } diff --git a/tools/ippfind.c b/tools/ippfind.c index 4b2392411c..58feaa20e2 100644 --- a/tools/ippfind.c +++ b/tools/ippfind.c @@ -1431,7 +1431,7 @@ exec_program(ippfind_srv_t *service, // I - Service tptr += strlen(tptr); } - else if (tptr < (temp + sizeof(temp) - 1)) + else if (tptr < (temp + (sizeof(temp) - 1))) *tptr++ = *ptr; } diff --git a/tools/ipptool.c b/tools/ipptool.c index 79446aa5af..068984bd90 100644 --- a/tools/ipptool.c +++ b/tools/ipptool.c @@ -2802,8 +2802,12 @@ get_string(ipp_attribute_t *attr, // I - IPP attribute if (flags & IPPTOOL_WITH_HOSTNAME) { if (httpSeparateURI(HTTP_URI_CODING_ALL, value, scheme, sizeof(scheme), userpass, sizeof(userpass), buffer, bufsize, &port, resource, sizeof(resource)) < HTTP_URI_STATUS_OK) + { buffer[0] = '\0'; + return (buffer); + } + ptr = buffer + strlen(buffer) - 1; if (ptr >= buffer && *ptr == '.') *ptr = '\0'; // Drop trailing "."