From 97e2dab1fb1b90f806eeb4da51bb74a2cdb6ca54 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Wed, 1 Dec 2004 13:46:18 -0200 Subject: better control of overflows in size computations --- llex.c | 31 ++++++++++++++++++------------- lmem.c | 14 ++++++-------- lmem.h | 22 +++++++++++----------- 3 files changed, 35 insertions(+), 32 deletions(-) diff --git a/llex.c b/llex.c index 2b9ec68c..22734d13 100644 --- a/llex.c +++ b/llex.c @@ -1,5 +1,5 @@ /* -** $Id: llex.c,v 2.4 2004/09/22 14:02:00 roberto Exp roberto $ +** $Id: llex.c,v 2.5 2004/11/24 19:16:03 roberto Exp roberto $ ** Lexical Analyzer ** See Copyright Notice in lua.h */ @@ -26,12 +26,6 @@ #define next(ls) (ls->current = zgetc(ls->z)) -#define save(ls,c) { \ - Mbuffer *b = ls->buff; \ - if (b->n + 1 > b->buffsize) \ - luaZ_resizebuffer(ls->L, b, ((b->buffsize*2) + LUA_MINBUFFER)); \ - b->buffer[b->n++] = cast(char, c); } - #define currIsNewline(ls) (ls->current == '\n' || ls->current == '\r') @@ -48,6 +42,22 @@ static const char *const token2string [] = { }; +#define save_and_next(ls) (save(ls, ls->current), next(ls)) + + +static void save (LexState *ls, int c) { + Mbuffer *b = ls->buff; + if (b->n + 1 > b->buffsize) { + size_t newsize; + if (b->buffsize >= MAX_SIZET/2) + luaX_lexerror(ls, "lexical element too long", 0); + newsize = b->buffsize * 2; + luaZ_resizebuffer(ls->L, b, newsize); + } + b->buffer[b->n++] = cast(char, c); +} + + void luaX_init (lua_State *L) { int i; for (i=0; ilinenumber = 1; ls->lastline = 1; ls->source = source; + luaZ_resizebuffer(ls->L, ls->buff, LUA_MINBUFFER); /* initialize buffer */ next(ls); /* read first char */ } @@ -143,12 +154,6 @@ void luaX_setinput (lua_State *L, LexState *ls, ZIO *z, TString *source) { -static void save_and_next (LexState *ls) { - save(ls, ls->current); - next(ls); -} - - /* LUA_NUMBER */ static void read_numeral (LexState *ls, SemInfo *seminfo) { diff --git a/lmem.c b/lmem.c index 29252abe..f2a70d0f 100644 --- a/lmem.c +++ b/lmem.c 
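Review bot: In the new `save()` in llex.c, growth is now a plain doubling (`newsize = b->buffsize * 2`), so a buffer whose `buffsize` is 0 is never enlarged and the store `b->buffer[b->n++]` that follows would write outside it; the removed macro added `LUA_MINBUFFER` and had no such precondition. The non-zero size is established only by the `luaZ_resizebuffer(ls->L, ls->buff, LUA_MINBUFFER)` call this commit adds to `luaX_setinput`, a different function. I would state that invariant where it is relied on, for example `lua_assert(b->buffsize > 0);  /* set in luaX_setinput; doubling needs a non-zero size */` as the first statement inside the `if`. The `MAX_SIZET/2` guard also depends on `luaX_lexerror` not returning, which is presumably true but cannot be confirmed from this hunk.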
@@ -1,5 +1,5 @@
 /*
-** $Id: lmem.c,v 1.65 2004/08/30 13:44:44 roberto Exp roberto $
+** $Id: lmem.c,v 1.66 2004/11/19 15:52:40 roberto Exp roberto $
 ** Interface to Memory Manager
 ** See Copyright Notice in lua.h
 */
@@ -43,16 +43,14 @@
 #define MINSIZEARRAY 4
-void *luaM_growaux (lua_State *L, void *block, int *size, size_t size_elems,
- int limit, const char *errormsg) {
+void *luaM_growaux_ (lua_State *L, void *block, int *size, size_t size_elems,
+ int limit, const char *errormsg) {
 void *newblock;
 int newsize;
- if (cast(size_t, limit) > MAX_SIZET/size_elems)
- limit = cast(int, MAX_SIZET/size_elems);
 if (*size >= limit/2) { /* cannot double it? */
- if (*size >= limit - MINSIZEARRAY) /* try something smaller... */
+ if (*size >= limit) /* cannot grow even a little? */
 luaG_runerror(L, errormsg);
- newsize = limit; /* still have at least MINSIZEARRAY free places */
+ newsize = limit; /* still have at least one free place */
 }
 else {
 newsize = (*size)*2;
@@ -75,7 +73,7 @@ void *luaM_toobig (lua_State *L) {
 /*
 ** generic allocation routine.
 */
-void *luaM_realloc (lua_State *L, void *block, size_t osize, size_t nsize) {
+void *luaM_realloc_ (lua_State *L, void *block, size_t osize, size_t nsize) {
 global_State *g = G(L);
 lua_assert((osize == 0) == (block == NULL));
 block = (*g->realloc)(g->ud, block, osize, nsize);
diff --git a/lmem.h b/lmem.h
index 514cccfd..331d722f 100644
--- a/lmem.h
+++ b/lmem.h
@@ -1,5 +1,5 @@
 /*
-** $Id: lmem.h,v 1.27 2004/11/19 15:52:40 roberto Exp roberto $
+** $Id: lmem.h,v 1.28 2004/11/24 19:20:21 roberto Exp roberto $
 ** Interface to Memory Manager
 ** See Copyright Notice in lua.h
 */
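Review bot: After the `-43,16 +43,14` hunk, `luaM_growaux_` in lmem.c no longer clamps `limit` to `MAX_SIZET/size_elems`, so `newsize` can be as large as the caller's `limit` and nothing in the visible lines bounds `newsize * size_elems`. The rest of the body lies outside the hunk; it presumably hands `newsize` to `luaM_reallocv`, whose overflow test is changed by this same commit in lmem.h, so the safety of every growing vector now rests on that one macro. A comment at the `newsize` computation would record the dependency, e.g. `/* newsize*size_elems is checked for overflow by luaM_reallocv, not here */`.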
@@ -16,31 +16,31 @@
 #define MEMERRMSG "not enough memory"
-void *luaM_realloc (lua_State *L, void *block, size_t oldsize, size_t size);
+void *luaM_realloc_ (lua_State *L, void *block, size_t oldsize, size_t size);
 void *luaM_toobig (lua_State *L);
 #define luaM_reallocv(L,b,on,n,e) \
- ((cast(size_t, (n)+1) <= MAX_SIZET/(e)) ? /* +1 only to avoid warnings */ \
- luaM_realloc(L, (b), (on)*(e), (n)*(e)) : \
+ ((cast(unsigned int, (n)+1) <= MAX_SIZET/(e)) ? /* +1 to avoid warnings */ \
+ luaM_realloc_(L, (b), (on)*(e), (n)*(e)) : \
 luaM_toobig(L))
-void *luaM_growaux (lua_State *L, void *block, int *size, size_t size_elem,
- int limit, const char *errormsg);
+void *luaM_growaux_ (lua_State *L, void *block, int *size, size_t size_elem,
+ int limit, const char *errormsg);
-#define luaM_freemem(L, b, s) luaM_realloc(L, (b), (s), 0)
-#define luaM_free(L, b) luaM_realloc(L, (b), sizeof(*(b)), 0)
+#define luaM_freemem(L, b, s) luaM_realloc_(L, (b), (s), 0)
+#define luaM_free(L, b) luaM_realloc_(L, (b), sizeof(*(b)), 0)
 #define luaM_freearray(L, b, n, t) luaM_reallocv(L, (b), n, 0, sizeof(t))
-#define luaM_malloc(L,t) luaM_realloc(L, NULL, 0, (t))
+#define luaM_malloc(L,t) luaM_realloc_(L, NULL, 0, (t))
 #define luaM_new(L,t) cast(t *, luaM_malloc(L, sizeof(t)))
 #define luaM_newvector(L,n,t) \
 cast(t *, luaM_reallocv(L, NULL, 0, n, sizeof(t)))
 #define luaM_growvector(L,v,nelems,size,t,limit,e) \
- if (((nelems)+1) > (size)) \
- ((v)=cast(t *, luaM_growaux(L,v,&(size),sizeof(t),limit,e)))
+ if ((nelems)+1 > (size)) \
+ ((v)=cast(t *, luaM_growaux_(L,v,&(size),sizeof(t),limit,e)))
 #define luaM_reallocvector(L, v,oldn,n,t) \
 ((v)=cast(t *, luaM_reallocv(L, v, oldn, n, sizeof(t))))
--
cgit v1.2.3-55-g6feb
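Review bot: The overflow test in `luaM_reallocv` now casts `(n)+1` to `unsigned int`, while the size passed on is still `(n)*(e)` evaluated in `size_t`. On a platform where `size_t` is wider than `unsigned int`, a count above the `unsigned int` range (or a negative `int` count, which becomes a huge `size_t` in the multiplication) is truncated by the cast, passes the comparison against `MAX_SIZET/(e)`, and can then wrap in `(n)*(e)`, giving a block smaller than the caller expects. `luaM_growaux_` dropped its own clamp in this commit, so this macro is the remaining check. Keeping the comparison in the width of the multiplication avoids this: `((cast(size_t, (n)+1) <= MAX_SIZET/(e)) ?  /* +1 to avoid warnings */ \`.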