sergiotarxz/nuttx
sergiotarxz/nuttx
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fs/fat: Fix undefined behavior in signed integer overflow check

Browse Source 
Testing for overflow by adding a value to a variable to see if it "wraps
around" works only for unsigned integer values, because signed overflow
has undefined behavior according to the C and C++ standards.

Signed-off-by: Mingjie Shen <shen497@purdue.edu>
This commit is contained in:
Mingjie Shen 2023-06-26 00:36:28 -04:00 committed by Xiang Xiao
parent 669ccfaa32
commit 7d13f5eb78
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
fs/fat/fs_fat32.c
View File

@ -44,6 +44,16 @@
#include "inode/inode.h" #include "inode/inode.h"
#include "fs_fat32.h" #include "fs_fat32.h"
/****************************************************************************
* Pre-processor Definitions
****************************************************************************/
#if defined(CONFIG_FS_LARGEFILE)
# define OFF_MAX INT64_MAX
#else
# define OFF_MAX INT32_MAX
#endif
/**************************************************************************** /****************************************************************************
* Private Function Prototypes * Private Function Prototypes
****************************************************************************/ ****************************************************************************/
@ -764,7 +774,7 @@ static ssize_t fat_write(FAR struct file *filep, FAR const char *buffer,
/* Check if the file size would exceed the range of off_t */ /* Check if the file size would exceed the range of off_t */
if (ff->ff_size + buflen < ff->ff_size) if (buflen > OFF_MAX || ff->ff_size > OFF_MAX - (off_t)buflen)
{ {
ret = -EFBIG; ret = -EFBIG;
goto errout_with_lock; goto errout_with_lock;