GNOME.org
 

[gtk/validate-alloc-size] Check the size of the g_new arguments

commit b4c8ba4de7ccb07d09bc2c7895fdf6f8bddf5dc2
Author: Emmanuele Bassi <ebassi gnome org>
Date:   Fri Apr 12 18:54:20 2019 +0100

    Check the size of the g_new arguments
    
    We're passing integers without validating their size, and newer GCC are
    very cross about it, with warnings like:
    
        warning: argument 1 range [18446744071562067968, 18446744073709551615]
        exceeds maximum object size 9223372036854775807 [-Walloc-size-larger-than=]
    
    We should check we're not overflowing the allocation size, by limiting
    the range of values we can use.
    
    First of all, we need to use `gsize` instead of a random `int`, since we're
    allocating data.
    
    Additionally, we need to check that the multiplication that computes the
    size of the allocation doesn't overflow the maximum value of a `gsize`.

 gtk/gtkcomposetable.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
---
diff --git a/gtk/gtkcomposetable.c b/gtk/gtkcomposetable.c
index 207611aa9f..e451cdb3bf 100644
--- a/gtk/gtkcomposetable.c
+++ b/gtk/gtkcomposetable.c
@@ -835,14 +835,23 @@ gtk_compose_table_list_add_array (GSList        *compose_tables,
 {
   guint32 hash;
   GtkComposeTable *compose_table;
-  int n_index_stride = max_seq_len + 2;
-  int length = n_index_stride * n_seqs;
+  gsize n_index_stride;
+  gsize length;
+  gsize max_size = (gsize) -1;
   int i;
   guint16 *gtk_compose_seqs = NULL;
 
   g_return_val_if_fail (data != NULL, compose_tables);
   g_return_val_if_fail (max_seq_len <= GTK_MAX_COMPOSE_LEN, compose_tables);
 
+  n_index_stride = MIN (max_seq_len, GTK_MAX_COMPOSE_LEN) + 2;
+  if (n_seqs > max_size / n_index_stride)
+    {
+      g_critical ("Overflow in the compose sequences");
+      return compose_tables;
+    }
+
+  length = n_index_stride * n_seqs;
   hash = gtk_compose_table_data_hash (data, length);
 
   if (g_slist_find_custom (compose_tables, GINT_TO_POINTER (hash), gtk_compose_table_find) != NULL)
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]