ref: abdf69a520ddaf86c5bef1ce52a64dea1f3b5e77
parent: f20cb974e12e176500a0f44c4ebf3332e26dc463
author: Roberto E. Vargas Caballero <k0ga@shike2.com>
date: Mon Aug 17 10:34:30 EDT 2015
Check integer overflow in symbol id
--- a/cc1/cc1.h
+++ b/cc1/cc1.h
@@ -46,7 +46,7 @@
struct symbol {char *name;
Type *type;
- short id;
+ unsigned short id;
unsigned char ctx;
unsigned char ns;
unsigned char token;
--- a/cc1/code.c
+++ b/cc1/code.c
@@ -172,7 +172,7 @@
c = L_EXTERN;
else
c = L_AUTO;
- printf("%c%d", c, sym->id);+ printf("%c%u", c, sym->id);}
static void
@@ -217,7 +217,7 @@
case FTN:
case STRUCT:
case UNION:
- printf("%d", tp->id);+ printf("%u", tp->id);}
}
--- a/cc1/symbol.c
+++ b/cc1/symbol.c
@@ -12,8 +12,8 @@
#define NR_SYM_HASH 64
unsigned curctx;
-static short localcnt;
-static short globalcnt;
+static unsigned short localcnt;
+static unsigned short globalcnt;
static Symbol *head, *labels;
static Symbol *htab[NR_SYM_HASH];
@@ -138,6 +138,19 @@
head = sym;
}
+static unsigned short
+newid(void)
+{+ unsigned id;
+
+ id = (curctx) ? ++localcnt : ++globalcnt;
+ if (id == 0) {+ die("Overflow in %s identifiers",+ (curctx) ? "internal" : "external");
+ }
+ return id;
+}
+
Type *
duptype(Type *base)
{@@ -144,7 +157,7 @@
Type *tp = xmalloc(sizeof(*tp));
*tp = *base;
- tp->id = (curctx) ? ++localcnt : ++globalcnt;
+ tp->id = newid();
return tp;
}
@@ -167,7 +180,7 @@
return sym;
if (ns == NS_LABEL) {sym->next = labels;
- sym->id = ++localcnt;
+ sym->id = newid();
return labels = sym;
}
@@ -263,7 +276,7 @@
assign_id:
if (sym->ns != NS_CPP || sym->ns != NS_LABEL)
- sym->id = (curctx) ? ++localcnt : ++globalcnt;
+ sym->id = newid();
return sym;
}