catch "can't happen" int overflow in stralloc_catm_interal

add comment in stralloc_ready
1 month ago · 4a54307d01
parent 08a5bd88d2
commit 4a54307d01
2 changed files with 8 additions and 3 deletions
--- a/stralloc/stralloc_catm_internal.c
+++ b/stralloc/stralloc_catm_internal.c
@ -7,8 +7,13 @@ int stralloc_catm_internal(stralloc* sa, ...) {
  const char* s;
  size_t n=0;
  va_start(a,sa);
-  while ((s=va_arg(a,const char*)))
-    n += strlen(s);
+  while ((s=va_arg(a,const char*))) {
+    size_t tmp = strlen(s);
+    if (n + tmp < n) return 0;	// integer overflow
+    // integer overflow should not be possible, but someone could pass
+    // the same string twice to provoke it. Better check than sorry.
+    n += tmp;
+  }
  va_end(a);
  stralloc_readyplus(sa,n);

--- a/stralloc/stralloc_ready.c
+++ b/stralloc/stralloc_ready.c
@ -9,7 +9,7 @@
 * old space, and returns 1. Note that this changes sa.s. */
 int stralloc_ready(stralloc *sa,size_t len) {
  register size_t wanted=len+(len>>3)+30; /* heuristic from djb */
-  if (wanted<len) wanted=len;
+  if (wanted<len) wanted=len;	// in case of integer overflow
  if (!sa->s || sa->a<len) {
    register char* tmp;
    if (!(tmp=realloc(sa->s,wanted)))