File fix_int-overflows.patch of Package ftnchek

Huge numeric literals could cause integer overflows while the source text is being parsed.
The modified functions are only called in contexts where such huge numbers are unexpected
and nonsensical.

diff -Nupr ../ftnchek/advance.c ftnchek/advance.c
--- ../ftnchek/advance.c	2020-09-10 10:41:57.677875130 +0200
+++ ftnchek/advance.c	2020-10-29 13:28:10.252729891 +0100
@@ -1618,7 +1618,14 @@ srcPosn read_int_const(srcPosn pos, int
     int v=0;
     int c;
     while(isdigit(c=CHAR_AT(pos))) {
-      v = v*10 + BCD(c);
+      if(v<214748364) {
+        v = v*10 + BCD(c);
+      } else {
+	if(debug_latest) {
+          fprintf(list_fd,"\n%s%c%s\n","read_int_const: huge number up to '",CHAR_AT(pos),"', will overflow");
+	}
+	v = 0;
+      }
       stepPosn(&pos);
       SKIP_SPACE;
     }
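Review bot: The guard `if(v<214748364)` hardcodes INT_MAX/10 for a 32-bit int; `if (v < INT_MAX / 10)` (with `<limits.h>` included, which this hunk does not show) states the intent and stays correct on other widths, and the same literal appears in the find_free_contins and find_fixed_contins hunks in intake.c. The else branch sets `v = 0` and the loop keeps consuming digits, so outside of debug_latest a huge literal is silently returned as the value of its trailing digits rather than being reported; saturating `v` or recording an error the caller can see would be safer than a quiet reset. The diagnostic is only emitted when debug_latest is set, so normal runs get no indication that the constant was mangled. The remainder of read_int_const, including how v is returned to the caller, lies outside the hunk.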
diff -Nupr ../ftnchek/intake.c ftnchek/intake.c
--- ../ftnchek/intake.c	2020-09-10 10:41:51.741731236 +0200
+++ ftnchek/intake.c	2020-10-29 14:28:16.517697449 +0100
@@ -454,7 +455,15 @@ find_free_contins(srcLine *Buf)
 		  if( isdigit(c) ) { /* number found: see if hollerith */
 		    if( inside_number ) { /* this may be a continued number */
 				/*LINTED*/ /*not uninit*/
-			num_val = num_val*10 + BCD(c);
+                        if(num_val<214748364) {
+			  num_val = num_val*10 + BCD(c);
+			} else {
+                          if(debug_latest) {
+                            fprintf(list_fd,"\n%s%s%s\n","find_free_contins: huge number in '",s,"', cannot be hollerith string");
+                          }
+			  num_val = 0;
+			  inside_number = FALSE;
+			}
 		    }
 		    else {
 			/* hollerith can only follow punctuation */
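Review bot: The added lines mix indentation styles: `if(num_val<214748364) {` and the `if(debug_latest)`/`fprintf` lines are indented with spaces while the surrounding code and the `num_val = num_val*10 + BCD(c);` line use tabs, which makes the block's nesting hard to read in a tab-indented file; the same applies to the find_fixed_contins hunk below. Converting the new lines to the file's tab indentation would be enough. The else branch here also clears `inside_number`, so the trailing digits are no longer tracked as a possible hollerith count, which appears intentional but deserves a one-line comment such as `/* overflow: give up treating this as a hollerith count */`. The new-side offset in the hunk header (`-454,7 +455,15`) suggests an earlier change to intake.c that is not part of this patch view; the enclosing function continues outside the hunk.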
@@ -686,7 +695,15 @@ find_fixed_contins(srcLine *Buf)
 		  if( isdigit(c) ) { /* number found: see if hollerith */
 		    if( inside_number ) { /* this may be a continued number */
 				/*LINTED*/ /*not uninit*/
-			num_val = num_val*10 + BCD(c);
+                        if(num_val<214748364) {
+			  num_val = num_val*10 + BCD(c);
+			} else {
+                          if(debug_latest) {
+                            fprintf(list_fd,"\n%s%s%s\n","find_fixed_contins: huge number in '",s,"', cannot be hollerith string");
+                          }
+			  num_val = 0;
+			  inside_number = FALSE;
+			}
 		    }
 		    else {
 			/* hollerith can only follow punctuation */