From deac067ed39a44c001599c0d15de09872496b2aa Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Wed, 22 Sep 2021 13:10:39 -0300 Subject: Avoid overflows when incrementing parameters in C Any C function can receive maxinteger as an integer argument, and therefore cannot increment it without some care (e.g., doing unsigned arithmetic as the core does). --- lutf8lib.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'lutf8lib.c') diff --git a/lutf8lib.c b/lutf8lib.c index 901d985f..e7bf098f 100644 --- a/lutf8lib.c +++ b/lutf8lib.c @@ -224,14 +224,11 @@ static int byteoffset (lua_State *L) { static int iter_aux (lua_State *L, int strict) { size_t len; const char *s = luaL_checklstring(L, 1, &len); - lua_Integer n = lua_tointeger(L, 2) - 1; - if (n < 0) /* first iteration? */ - n = 0; /* start from here */ - else if (n < (lua_Integer)len) { - n++; /* skip current byte */ - while (iscont(s + n)) n++; /* and its continuations */ + lua_Unsigned n = (lua_Unsigned)lua_tointeger(L, 2); + if (n < len) { + while (iscont(s + n)) n++; /* skip continuation bytes */ } - if (n >= (lua_Integer)len) + if (n >= len) /* (also handles original 'n' being negative) */ return 0; /* no more codepoints */ else { utfint code; -- cgit v1.2.3-55-g6feb