Salut,
On Wed, 2006-05-03 at 08:21, [EMAIL PROTECTED] wrote:
> #define MAXPTR (char *)0x // this would differ on 64 bit systems
That should be
#define MAXPTR (void *)(~0UL)
no?
Tonnerre
signature.asc
Description: This is a digitally signed message part
perhaps instead of "c + len > c" being the test of pointer wraparound, one may
use the following (if there is a desire to use pointer-based arithmetic)...
#define MAXPTR (char *)0x // this would differ on 64 bit systems
if (MAXPTR - c < len)
{
// we have a pointer wraparound...
}
On Mon, 17 Apr 2006, Felix von Leitner wrote:
I wrote a small library of functions to do typical range checks as they
are needed in code that handles incoming packets or messages from
untrusted sources. My impetus was SMB code, in case you want to know.
Here is one of my functions:
static inl
On Mon, Apr 17, 2006 at 10:03:54PM +0200, Felix von Leitner wrote:
> static inline int range_ptrinbuf(const void* buf,unsigned long len,const
> void* ptr) {
> register const char* c=(const char*)buf; /* no pointer arithmetic on
> void* */
> return (c && c+len>c && (const char*)ptr-c }
Felix von Leitner wrote:
...
> Here is one of my functions:
>
> static inline int range_ptrinbuf(const void* buf,unsigned long len,const
> void* ptr) {
> register const char* c=(const char*)buf; /* no pointer arithmetic on
> void* */
> return (c && c+len>c && (const char*)ptr-c }
>
> Of
* Felix von Leitner:
> static inline int range_ptrinbuf(const void* buf,unsigned long len,const
> void* ptr) {
> register const char* c=(const char*)buf; /* no pointer arithmetic on
> void* */
> return (c && c+len>c && (const char*)ptr-c }
It seems that the problem is that
c + len >
Are you certain that should fail?
(unsigned long)-1 is a word with all bits set (on a twos-complement machine),
so I believe the result should be undefined with regard to overflow adding a
pointer.
It certainly seems reasonable for a compiler to optimize away a test for a
pointer in the range
On Mon, 17 Apr 2006, Felix von Leitner wrote:
> static inline int range_ptrinbuf(const void* buf,unsigned long len,const
> void* ptr) {
> register const char* c=(const char*)buf; /* no pointer arithmetic on
> void* */
> return (c && c+len>c && (const char*)ptr-c }
>
> [...]
>
> assert(
> From: Felix von Leitner [mailto:[EMAIL PROTECTED]
> Sent: Monday, 17 April, 2006 16:04
>
> static inline int range_ptrinbuf(const void* buf,unsigned
> long len,const void* ptr) {
> register const char* c=(const char*)buf; /* no pointer
> arithmetic on void* */
> return (c && c+len>c
Felix von Leitner wrote:
I wrote a small library of functions to do typical range checks as they
are needed in code that handles incoming packets or messages from
untrusted sources. My impetus was SMB code, in case you want to know.
Here is one of my functions:
static inline int range_ptrinbuf
10 matches
Mail list logo