:: commit 3db3f0971a54dade6e78a66cfa552f29c5a6b19b

Mintsuki <mintsuki@protonmail.com> — 2025-12-27 23:11

parents: f055c42c24

misc: Replace some integer overflow check patterns with builtin functions

diff --git a/common/fs/fat32.s2.c b/common/fs/fat32.s2.c
index d18750cb..e4781c86 100644
--- a/common/fs/fat32.s2.c
+++ b/common/fs/fat32.s2.c
@@ -654,10 +654,10 @@ struct file_handle *fat32_open(struct volume *part, const char *path) {
 
         for (unsigned int i = 0; i < SIZEOF_ARRAY(current_part) - 1; i++) {
             // Check for overflow before computing path index
-            if (current_index > UINT_MAX - i) {
+            unsigned int path_idx;
+            if (__builtin_add_overflow(i, current_index, &path_idx)) {
                 return NULL;  // Path index would overflow
             }
-            unsigned int path_idx = i + current_index;
 
             if (path[path_idx] == 0) {
                 memcpy(current_part, path + current_index, i);
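Review bot: The comment on the line above `unsigned int path_idx;` still reads "Check for overflow before computing path index", but after this change the check and the computation are the same statement, so the wording no longer matches the code. I would reword it to `// Compute path index, rejecting the (unrepresentable) overflow case` so the next reader does not look for a separate computation that the old `path_idx = i + current_index` line used to provide. fat32_open continues outside the hunk on both sides.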
@@ -671,10 +671,11 @@ struct file_handle *fat32_open(struct volume *part, const char *path) {
                 memcpy(current_part, path + current_index, i);
                 current_part[i] = 0;
                 // Check for overflow before updating current_index
-                if (current_index > UINT_MAX - i - 1) {
+                unsigned int new_index;
+                if (__builtin_add_overflow(current_index, i + 1, &new_index)) {
                     return NULL;  // current_index would overflow
                 }
-                current_index += i + 1;
+                current_index = new_index;
                 expect_directory = true;
                 found_terminator = true;
                 break;
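Review bot: The second operand `i + 1` in `__builtin_add_overflow(current_index, i + 1, &new_index)` is itself an unchecked unsigned addition, so the builtin only covers the outer add; this is sound here only because the loop bounds `i` below `SIZEOF_ARRAY(current_part) - 1`, which is not visible at this line. Either state that in the comment, e.g. `// i + 1 cannot wrap: i < SIZEOF_ARRAY(current_part) - 1`, or make the check self-contained with `if (__builtin_add_overflow(current_index, i, &new_index) || __builtin_add_overflow(new_index, 1u, &new_index))`. The enclosing loop and fat32_open extend beyond the hunk.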
diff --git a/common/lib/elf.c b/common/lib/elf.c
index 93bfa4f6..5382efe2 100644
--- a/common/lib/elf.c
+++ b/common/lib/elf.c
@@ -910,7 +910,8 @@ again:
         }
 
         // Validate p_offset + p_filesz doesn't overflow
-        if (phdr->p_offset > UINT64_MAX - phdr->p_filesz) {
+        uint64_t offset_end;
+        if (__builtin_add_overflow(phdr->p_offset, phdr->p_filesz, &offset_end)) {
             panic(true, "elf: p_offset + p_filesz overflow");
         }
 
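Review bot: The new `offset_end` receives `p_offset + p_filesz` but nothing in the hunk reads it, so at the moment it exists only as the builtin's output slot; the same applies to `partition_end` in the mbr_get_logical_part hunk of common/lib/part.s2.c. If the lines that follow (outside the hunk) still bound the segment against the file or image size, they should consume `offset_end` rather than recomputing the sum, otherwise a comment such as `// offset_end unused beyond the overflow check` would make the intent explicit. I cannot tell from the hunk whether a later range check exists, since the function continues past its last line.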
diff --git a/common/lib/part.s2.c b/common/lib/part.s2.c
index f594ec98..3e746363 100644
--- a/common/lib/part.s2.c
+++ b/common/lib/part.s2.c
@@ -39,10 +39,10 @@ static bool cache_block(struct volume *volume, uint64_t block) {
     if (__builtin_mul_overflow(block, volume->fastest_xfer_size, &block_offset)) {
         return false;
     }
-    if (first_sect > UINT64_MAX - block_offset) {
+    uint64_t read_sector;
+    if (__builtin_add_overflow(first_sect, block_offset, &read_sector)) {
         return false;
     }
-    uint64_t read_sector = first_sect + block_offset;
 
     for (;;) {
         int ret = disk_read_sectors(volume, volume->cache,
@@ -225,10 +225,9 @@ static int gpt_get_part(struct volume *ret, struct volume *volume, int partition
     }
     // Use actual entry size from header for offset calculation
     uint64_t partition_offset = (uint64_t)partition * entry_size;
-    if (entry_offset > UINT64_MAX - partition_offset) {
+    if (__builtin_add_overflow(entry_offset, partition_offset, &entry_offset)) {
         return INVALID_TABLE;  // Addition overflow would occur
     }
-    entry_offset += partition_offset;
 
     struct gpt_entry entry = {0};
     volume_read(volume, &entry, entry_offset, sizeof(entry));
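Review bot: The addition is now overflow-checked, but the product feeding it, `uint64_t partition_offset = (uint64_t)partition * entry_size;`, is not, which is inconsistent with the `__builtin_mul_overflow` already used in cache_block a few lines earlier in the same file. I would replace that line with `uint64_t partition_offset; if (__builtin_mul_overflow((uint64_t)partition, entry_size, &partition_offset)) { return INVALID_TABLE; }`. Note also that `partition` is an `int` in the signature; if a negative value can reach this point (presumably rejected earlier, but not visible here), the cast produces a very large offset that the add check would not catch.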
@@ -417,7 +416,8 @@ static int mbr_get_logical_part(struct volume *ret, struct volume *extended_part
     if (__builtin_add_overflow(first_sect_64, (uint64_t)entry.first_sect, &first_sect_64)) {
         return NO_PARTITION;  // Addition overflow
     }
-    if (first_sect_64 > UINT64_MAX - entry.sect_count) {
+    uint64_t partition_end;
+    if (__builtin_add_overflow(first_sect_64, (uint64_t)entry.sect_count, &partition_end)) {
         return NO_PARTITION;  // Partition would overflow
     }
 