File Update-H5_IS_BUFFER_OVERFLOW-to-account-for-size-of-0.patch of Package hdf5.34857
From: Egbert Eich <eich@suse.com> Date: Thu May 23 12:19:01 2024 +0200 Subject: Update H5_IS_BUFFER_OVERFLOW to account for 'size' of 0 Patch-mainline: Upstream Git-repo: https://github.com/HDFGroup/hdf5 Git-commit: f3eb0201545681c9c51a632ab44d5d7c18707728 References: bsc#1224158 Signed-off-by: Egbert Eich <eich@suse.de> --- src/H5private.h | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/H5private.h b/src/H5private.h index 19d1b93b78..b0e96674a4 100644 --- a/src/H5private.h +++ b/src/H5private.h @@ -384,9 +384,18 @@ * the last valid byte, pointed to by buffer_end. */ #define H5_IS_BUFFER_OVERFLOW(ptr, size, buffer_end) \ - (((ptr) > (buffer_end)) || /* Bad precondition */ \ - ((ptrdiff_t)(size) > (((buffer_end) - (ptr)) + 1)) || /* Typical overflow */ \ - ((intptr_t)(size) < 0)) /* Negative 'size' would wrap 'ptr' */ + ( \ + /* Trivial case */ \ + ((size) != 0) && \ + ( \ + /* Bad precondition */ \ + ((ptr) > (buffer_end)) || \ + /* Account for (likely unintentional) negative 'size' */ \ + (((size_t)(size) <= PTRDIFF_MAX) && ((ptrdiff_t)(size) < 0)) || \ + /* Typical overflow */ \ + ((size_t)(size) > (size_t)((((const uint8_t *)buffer_end) - ((const uint8_t *)ptr)) + 1)) \ + ) \ + ) /* Variant of H5_IS_BUFFER_OVERFLOW, used with functions such as H5Tdecode() * that don't take a size parameter, where we need to skip the bounds checks. @@ -395,7 +404,7 @@ * the entire library. */ #define H5_IS_KNOWN_BUFFER_OVERFLOW(skip, ptr, size, buffer_end) \ - (skip ? FALSE : ((ptr) + (size)-1) > (buffer_end)) + (skip ? false : H5_IS_BUFFER_OVERFLOW(ptr, size, buffer_end)) /* * HDF Boolean type.
