d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c6a96a8441
freebsd-nq/lib/libc/stdio
History
Colin Percival c6a96a8441 Give a less silly response to a silly request. 
Prior to this commit, fread/fwrite calls with size * nmemb > SIZE_MAX
were handled by reading or writing (size_t)(size * nmemb) bytes; for
example, on 32-bit platforms, fread(ptr, 641, 6700417, f) would read 1
byte and indicate that the requested 6700417 blocks had been read.

This commit adds a check for such integer overflows, and treats them as
if an overly large request was passed to read/write; i.e., it sets errno
to EINVAL, sets the error indicator on the file, and returns a short
object count (0, to be specific).

The overflow check involves an integer division, so as a performance
optimization we check first to see if both size and nmemb are less than
2^16; if they are, no overflow is possible and we avoid the division.
We assume here that size_t is at least 32 bits; this appears to be true
on all platforms FreeBSD supports.

Although this commit fixes an integer overflow, it is not likely to have
any security implications, since any program which would be affected by
this bug fix is quite clearly already very confused.

Reviewed by:	kib
MFC after:	1 month
2010-01-10 14:30:30 +00:00
..
_flock_stub.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
asprintf.c Rewrite asprintf() as a wrapper around vasprintf(), thus reducing the 2009-03-02 04:11:42 +00:00
clrerr.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
dprintf.c Add dprintf() and vdprintf() from POSIX.1-2008. Like getline(), 2009-03-04 03:38:51 +00:00
fclose.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fclose.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fcloseall.c Oops, correct the weak reference (s/fclose/fcloseall). 2006-04-22 16:47:59 +00:00
fdopen.c Remove useless call to getdtablesize(2) in fdopen(3) and its useless 2008-05-10 18:39:20 +00:00
feof.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
ferror.3 Better wording for clearing EOF indicator. 2009-01-28 14:38:41 +00:00
ferror.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
fflush.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fflush.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetc.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetln.3 - Add getdelim(), getline(), stpncpy(), strnlen(), wcsnlen(), 2009-02-28 06:00:58 +00:00
fgetln.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetpos.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgets.3 - Add getdelim(), getline(), stpncpy(), strnlen(), wcsnlen(), 2009-02-28 06:00:58 +00:00
fgets.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetwc.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
fgetwln.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetwln.c
fgetws.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fgetws.c Eliminate more dead stores. 2009-11-25 04:45:45 +00:00
fileno.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
findfp.c Fix many "function declaration isn't a prototype" warnings in libc. 2009-12-05 19:31:38 +00:00
flags.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
floatio.h Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
flockfile.3
fopen.3 Make the description of `b' a little better. 2009-09-09 19:38:19 +00:00
fopen.c Fix a leak in the recent fixes for file descriptors > SHRT_MAX. In the 2008-04-22 17:03:32 +00:00
fprintf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fpurge.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fputc.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fputs.3 Grammer correction from: emaste 2007-04-19 14:01:04 +00:00
fputs.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fputwc.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
fputws.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fputws.c Introduce a local variable and use it instead of passed in parameter 2009-01-15 18:53:52 +00:00
fread.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fread.c Give a less silly response to a silly request. 2010-01-10 14:30:30 +00:00
freopen.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
fscanf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fseek.3 Add rewind() to the list of functions which may fail and set errno 2007-06-18 02:13:04 +00:00
fseek.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
fsetpos.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
ftell.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
funopen.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
funopen.c Fix many "function declaration isn't a prototype" warnings in libc. 2009-12-05 19:31:38 +00:00
fvwrite.c Eliminate dead store. 2009-11-25 04:21:42 +00:00
fvwrite.h Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fwalk.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
fwide.3
fwide.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
fwprintf.c
fwrite.c Give a less silly response to a silly request. 2010-01-10 14:30:30 +00:00
fwscanf.c
getc.3 Remove unnecessary quoting and markup, add missing punctuation. 2010-01-08 22:02:42 +00:00
getc.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
getchar.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
getdelim.c Better glibc compatibility for getline/getdelim: 2009-10-04 19:43:36 +00:00
getline.3 2009-12-16 04:19:23 +00:00
getline.c - Add getdelim(), getline(), stpncpy(), strnlen(), wcsnlen(), 2009-02-28 06:00:58 +00:00
gets.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
getw.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
getwc.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
getwc.c
getwchar.c
glue.h Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
local.h Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
makebuf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
Makefile.inc Add dprintf() and vdprintf() from POSIX.1-2008. Like getline(), 2009-03-04 03:38:51 +00:00
mktemp.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
mktemp.c Fix a few bugs with the _gettemp() routine which implements mkstemp(), 2008-07-28 21:18:59 +00:00
perror.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
printf-pos.c The argument corresponding to %zn is supposed to be an ssize_t *, not 2009-03-02 04:07:58 +00:00
printf.3 Fix the dprintf() prototype. 2009-12-02 07:51:25 +00:00
printf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
printfcommon.h Add support for multibyte thousands_sep encodings, e.g., U+066C. 2009-01-22 08:14:28 +00:00
printflocal.h The argument corresponding to %zn is supposed to be an ssize_t *, not 2009-03-02 04:07:58 +00:00
putc.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
putc.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
putchar.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00
puts.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
putw.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
putwc.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
putwc.c
putwchar.c
refill.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
remove.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
remove.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
rewind.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
rget.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
scanf.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
scanf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
setbuf.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
setbuf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
setbuffer.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
setvbuf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
snprintf.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
sprintf.c Use vsprintf instead of rolling our own. 2009-12-21 19:59:38 +00:00
sscanf.c Use vsscanf instead of rolling our own. 2009-12-21 19:56:03 +00:00
stdio.3 Add dprintf() and vdprintf() from POSIX.1-2008. Like getline(), 2009-03-04 03:38:51 +00:00
stdio.c Retire the __fgetcookie(), __fgetpendout(), and __fsetfileno() accessors 2008-05-05 16:14:02 +00:00
swprintf.c
swscanf.c
Symbol.map Add dprintf() and vdprintf() from POSIX.1-2008. Like getline(), 2009-03-04 03:38:51 +00:00
tempnam.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
tmpfile.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
tmpnam.3 o Add ENVIRONMENT section and mention there that TMPDIR is ignored 2007-03-16 21:46:24 +00:00
tmpnam.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
ungetc.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
ungetc.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
ungetwc.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
ungetwc.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
vasprintf.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
vdprintf.c Add dprintf() and vdprintf() from POSIX.1-2008. Like getline(), 2009-03-04 03:38:51 +00:00
vfprintf.c Replace a dozen lines of code with a call to strnlen() / wcsnlen(). 2009-02-28 06:06:57 +00:00
vfscanf.c - Add support for multibyte decimal_point encodings, e.g., U+066B. 2009-01-19 06:19:51 +00:00
vfwprintf.c In __mbsconv(), if prec was zero, nconv could have been used 2009-11-25 04:27:55 +00:00
vfwscanf.c - Add support for multibyte decimal_point encodings, e.g., U+066B. 2009-01-19 06:19:51 +00:00
vprintf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
vscanf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
vsnprintf.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
vsprintf.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
vsscanf.c K&R -> ANSI prototype. 2009-12-21 19:55:05 +00:00
vswprintf.c Next stage of stdio cleanup: Retire __sFILEX and merge the fields back into 2008-04-17 22:17:54 +00:00
vswscanf.c Introduce a local variable and use it instead of passed in parameter 2009-01-15 18:53:52 +00:00
vwprintf.c
vwscanf.c
wbuf.c Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
wprintf.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
wprintf.c
wscanf.3 Per Regents of the University of Calfornia letter, remove advertising 2007-01-09 00:28:16 +00:00
wscanf.c
wsetup.c Set the error indicator on an attempt to write to a read-only stream. 2009-01-08 06:38:06 +00:00
xprintf_errno.c Make the %V{is} extension handle a NULL pointer like %s does: output "(null)" 2006-01-25 12:45:24 +00:00
xprintf_float.c Add an extensible version of our *printf(3) implementation to libc 2005-12-16 18:56:39 +00:00
xprintf_hexdump.c Add an extensible version of our *printf(3) implementation to libc 2005-12-16 18:56:39 +00:00
xprintf_int.c Explicitely use a "signed char" instead of a "char", for those archs where 2005-12-22 14:23:54 +00:00
xprintf_quote.c Fix the %Q printf extension to behave as expected 2006-03-02 08:53:45 +00:00
xprintf_str.c Add an extensible version of our *printf(3) implementation to libc 2005-12-16 18:56:39 +00:00
xprintf_time.c Make all three if conditions look similar by always initializing nsec 2009-11-25 04:35:54 +00:00
xprintf_vis.c Make the %V{is} extension handle a NULL pointer like %s does: output "(null)" 2006-01-25 12:45:24 +00:00
xprintf.c Expose FILE's internals to the world again in all their glory. Restore 2008-05-05 16:03:52 +00:00