Use an adapted type for array size and check it for overflow. --- editors/sed.c | 2 +- include/libbb.h | 2 +- libbb/get_line_from_file.c | 8 +++++--- 3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/editors/sed.c b/editors/sed.c index 9d800c2c3..470220859 100644 --- a/editors/sed.c +++ b/editors/sed.c @@ -988,7 +988,7 @@ static void flush_append(char *last_puts_char) static char *get_next_line(char *gets_char, char *last_puts_char) { char *temp = NULL; - int len; + size_t len; char gc; flush_append(last_puts_char); diff --git a/include/libbb.h b/include/libbb.h index fa878433e..309c58734 100644 --- a/include/libbb.h +++ b/include/libbb.h @@ -911,7 +911,7 @@ extern void xprint_and_close_file(FILE *file) FAST_FUNC; * end of line. If end isn't NULL, length of the chunk is stored in it. * Returns NULL if EOF/error. */ -extern char *bb_get_chunk_from_file(FILE *file, int *end) FAST_FUNC; +extern char *bb_get_chunk_from_file(FILE *file, size_t *end) FAST_FUNC; /* Reads up to (and including) TERMINATING_STRING: */ extern char *xmalloc_fgets_str(FILE *file, const char *terminating_string) FAST_FUNC RETURNS_MALLOC; /* Same, with limited max size, and returns the length (excluding NUL): */ diff --git a/libbb/get_line_from_file.c b/libbb/get_line_from_file.c index 941ea12b5..c61ac770e 100644 --- a/libbb/get_line_from_file.c +++ b/libbb/get_line_from_file.c @@ -10,10 +10,10 @@ */ #include "libbb.h" -char* FAST_FUNC bb_get_chunk_from_file(FILE *file, int *end) +char* FAST_FUNC bb_get_chunk_from_file(FILE *file, size_t *end) { int ch; - unsigned idx = 0; + size_t idx = 0; char *linebuf = NULL; while ((ch = getc(file)) != EOF) { @@ -21,6 +21,8 @@ char* FAST_FUNC bb_get_chunk_from_file(FILE *file, int *end) if (!(idx & 0xff)) linebuf = xrealloc(linebuf, idx + 0x100); linebuf[idx++] = (char) ch; + if (idx == (size_t)-1) + bb_error_msg_and_die(bb_msg_memory_exhausted); if (ch == '\0') break; if (end && ch == '\n') @@ -49,7 +51,7 @@ char* FAST_FUNC xmalloc_fgets(FILE *file) /* Get line. Remove trailing \n */ char* FAST_FUNC xmalloc_fgetline(FILE *file) { - int i; + size_t i; char *c = bb_get_chunk_from_file(file, &i); if (i && c[--i] == '\n') -- 2.14.2 _______________________________________________ busybox mailing list busybox@busybox.net http://lists.busybox.net/mailman/listinfo/busybox