about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog15
-rw-r--r--sunrpc/rpc/xdr.h4
-rw-r--r--sunrpc/xdr_mem.c25
-rw-r--r--sunrpc/xdr_sizeof.c6
4 files changed, 37 insertions, 13 deletions
diff --git a/ChangeLog b/ChangeLog
index 401961a9dc..45c4bc3bde 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2002-12-13  Paul Eggert  <eggert@twinsun.com>
+
+	* sunrpc/rpc/xdr.h (struct XDR.xdr_ops.x_inline): 2nd arg
+	is now u_int, not int.
+	(struct XDR.x_handy): Now u_int, not int.
+	* sunrpc/xdr_mem.c: Include <limits.h>.
+	(xdrmem_getlong, xdrmem_putlong, xdrmem_getbytes, xdrmem_putbytes,
+	xdrmem_inline, xdrmem_getint32, xdrmem_putint32):
+	x_handy is now unsigned, not signed.
+	Do not decrement x_handy if no change is made.
+	(xdrmem_setpos): Check for int overflow.
+	* sunrpc/xdr_sizeof.c (x_inline): 2nd arg is now unsigned.
+	(xdr_sizeof): Remove cast that is now unnecessary, now that
+	x_handy is unsigned.
+
 2002-12-15  Art Haas  <ahaas@airmail.net>
 
 	* iconv/gconv_conf.c: Convert GCC extension initializer syntax to C99.
diff --git a/sunrpc/rpc/xdr.h b/sunrpc/rpc/xdr.h
index 0b703445ab..4f240f2522 100644
--- a/sunrpc/rpc/xdr.h
+++ b/sunrpc/rpc/xdr.h
@@ -126,7 +126,7 @@ struct XDR
 	/* returns bytes off from beginning */
 	bool_t (*x_setpostn) (XDR *__xdrs, u_int __pos);
 	/* lets you reposition the stream */
-	int32_t *(*x_inline) (XDR *__xdrs, int __len);
+	int32_t *(*x_inline) (XDR *__xdrs, u_int __len);
 	/* buf quick ptr to buffered data */
 	void (*x_destroy) (XDR *__xdrs);
 	/* free privates of this xdr_stream */
@@ -139,7 +139,7 @@ struct XDR
     caddr_t x_public;		/* users' data */
     caddr_t x_private;		/* pointer to private data */
     caddr_t x_base;		/* private used for position info */
-    int x_handy;		/* extra private word */
+    u_int x_handy;		/* extra private word */
   };
 
 /*
diff --git a/sunrpc/xdr_mem.c b/sunrpc/xdr_mem.c
index 1695feaf58..72bccc1d0d 100644
--- a/sunrpc/xdr_mem.c
+++ b/sunrpc/xdr_mem.c
@@ -39,6 +39,7 @@
  */
 
 #include <string.h>
+#include <limits.h>
 #include <rpc/rpc.h>
 
 static bool_t xdrmem_getlong (XDR *, long *);
@@ -100,8 +101,9 @@ xdrmem_destroy (XDR *xdrs)
 static bool_t
 xdrmem_getlong (XDR *xdrs, long *lp)
 {
-  if ((xdrs->x_handy -= 4) < 0)
+  if (xdrs->x_handy < 4)
     return FALSE;
+  xdrs->x_handy -= 4;
   *lp = (int32_t) ntohl ((*((int32_t *) (xdrs->x_private))));
   xdrs->x_private += 4;
   return TRUE;
@@ -115,8 +117,9 @@ xdrmem_getlong (XDR *xdrs, long *lp)
 static bool_t
 xdrmem_putlong (XDR *xdrs, const long *lp)
 {
-  if ((xdrs->x_handy -= 4) < 0)
+  if (xdrs->x_handy < 4)
     return FALSE;
+  xdrs->x_handy -= 4;
   *(int32_t *) xdrs->x_private = htonl (*lp);
   xdrs->x_private += 4;
   return TRUE;
@@ -131,8 +134,9 @@ xdrmem_putlong (XDR *xdrs, const long *lp)
 static bool_t
 xdrmem_getbytes (XDR *xdrs, caddr_t addr, u_int len)
 {
-  if ((xdrs->x_handy -= len) < 0)
+  if (xdrs->x_handy < len)
     return FALSE;
+  xdrs->x_handy -= len;
   memcpy (addr, xdrs->x_private, len);
   xdrs->x_private += len;
   return TRUE;
@@ -145,8 +149,9 @@ xdrmem_getbytes (XDR *xdrs, caddr_t addr, u_int len)
 static bool_t
 xdrmem_putbytes (XDR *xdrs, const char *addr, u_int len)
 {
-  if ((xdrs->x_handy -= len) < 0)
+  if (xdrs->x_handy < len)
     return FALSE;
+  xdrs->x_handy -= len;
   memcpy (xdrs->x_private, addr, len);
   xdrs->x_private += len;
   return TRUE;
@@ -173,7 +178,9 @@ xdrmem_setpos (xdrs, pos)
   caddr_t newaddr = xdrs->x_base + pos;
   caddr_t lastaddr = xdrs->x_private + xdrs->x_handy;
 
-  if ((long) newaddr > (long) lastaddr)
+  if ((long) newaddr > (long) lastaddr
+      || (UINT_MAX < LONG_MAX
+	  && (long) UINT_MAX < (long) lastaddr - (long) newaddr))
     return FALSE;
   xdrs->x_private = newaddr;
   xdrs->x_handy = (long) lastaddr - (long) newaddr;
@@ -188,7 +195,7 @@ xdrmem_inline (XDR *xdrs, int len)
 {
   int32_t *buf = 0;
 
-  if (xdrs->x_handy >= len)
+  if (xdrs->x_handy >= (u_int) len)
     {
       xdrs->x_handy -= len;
       buf = (int32_t *) xdrs->x_private;
@@ -205,8 +212,9 @@ xdrmem_inline (XDR *xdrs, int len)
 static bool_t
 xdrmem_getint32 (XDR *xdrs, int32_t *ip)
 {
-  if ((xdrs->x_handy -= 4) < 0)
+  if (xdrs->x_handy < 4)
     return FALSE;
+  xdrs->x_handy -= 4;
   *ip = ntohl ((*((int32_t *) (xdrs->x_private))));
   xdrs->x_private += 4;
   return TRUE;
@@ -220,8 +228,9 @@ xdrmem_getint32 (XDR *xdrs, int32_t *ip)
 static bool_t
 xdrmem_putint32 (XDR *xdrs, const int32_t *ip)
 {
-  if ((xdrs->x_handy -= 4) < 0)
+  if (xdrs->x_handy < 4)
     return FALSE;
+  xdrs->x_handy -= 4;
   *(int32_t *) xdrs->x_private = htonl (*ip);
   xdrs->x_private += 4;
   return TRUE;
diff --git a/sunrpc/xdr_sizeof.c b/sunrpc/xdr_sizeof.c
index 76b53d9d57..aaf25e9699 100644
--- a/sunrpc/xdr_sizeof.c
+++ b/sunrpc/xdr_sizeof.c
@@ -71,13 +71,13 @@ x_setpostn (XDR *xdrs, u_int len)
 }
 
 static int32_t *
-x_inline (XDR *xdrs, int len)
+x_inline (XDR *xdrs, u_int len)
 {
   if (len == 0)
     return NULL;
   if (xdrs->x_op != XDR_ENCODE)
     return NULL;
-  if (len < (int) (long int) xdrs->x_base)
+  if (len < (u_int) (long int) xdrs->x_base)
     {
       /* x_private was already allocated */
       xdrs->x_handy += len;
@@ -159,5 +159,5 @@ xdr_sizeof (xdrproc_t func, void *data)
   stat = func (&x, data);
   if (x.x_private)
     free (x.x_private);
-  return stat == TRUE ? (unsigned) x.x_handy : 0;
+  return stat == TRUE ? x.x_handy : 0;
 }