more oob checks

This commit is contained in:
Igor Malovitsa 2024-03-06 21:05:21 +02:00
parent c8704163cd
commit a2daa89be5

12
hbas.c
View file

@ -351,7 +351,13 @@ typedef struct ByteVec_s {
} ByteVec; } ByteVec;
AsmError ensure_push(ByteVec *vec, size_t el_size, size_t extra) { AsmError ensure_push(ByteVec *vec, size_t el_size, size_t extra) {
if (vec->len + extra < vec->len) {
return ErrOutOfMemory;
}
while (vec->len + extra > vec->cap) { while (vec->len + extra > vec->cap) {
if ((~(size_t)0) / 2 < vec->cap) {
return ErrOutOfMemory;
}
vec->cap *= 2; vec->cap *= 2;
// multiply overflow // multiply overflow
if ((~(size_t)0) / el_size < vec->cap) { if ((~(size_t)0) / el_size < vec->cap) {
@ -705,11 +711,11 @@ AsmError assemble_instr(
} }
// num_to_write = num_to_write ^ is_negative - is_negative; // num_to_write = num_to_write ^ is_negative - is_negative;
if (is_negative) { if (is_negative) {
int64_t tmp = (int64_t)num_to_write; int64_t tmp = -(int64_t)num_to_write;
if (tmp < 0) { if (tmp > 0) {
return ErrBadNumOverflow; return ErrBadNumOverflow;
} }
num_to_write = (uint64_t)(-tmp); num_to_write = (uint64_t)tmp;
} }
AsmError err = push_int_le( AsmError err = push_int_le(
&rv->buf[rv->len], num_to_write, meta.size, meta.sign &rv->buf[rv->len], num_to_write, meta.size, meta.sign