Module Name: othersrc
Committed By: agc
Date: Tue Dec 4 07:39:19 UTC 2012
Modified Files:
othersrc/external/bsd/threshold/dist/src/libthreshold: ida.c raid.c
threshold.c
Log Message:
feedback from fuzz testing - check arguments on entry to functions
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c \
othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c \
othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c
diff -u othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c:1.1.1.1 othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c:1.2
--- othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c:1.1.1.1 Sat Mar 12 08:13:08 2011
+++ othersrc/external/bsd/threshold/dist/src/libthreshold/ida.c Tue Dec 4 07:39:19 2012
@@ -194,6 +194,9 @@ ida_split(threshold_t *thresh)
size_t insize;
ida_t *ida;
+ if (thresh == NULL) {
+ return 0;
+ }
ida = (ida_t *)thresh->handle;
mem = &thresh->shares[THRESH_MAX_SHARES];
thresh_fmt_header(&head, IDA_MAGIC, thresh->threshold, thresh->sharesc, mem->io.size);
@@ -240,6 +243,9 @@ ida_combine(threshold_t *thresh)
ida_t *ida;
int cc;
+ if (thresh == NULL) {
+ return 0;
+ }
ida = (ida_t *)thresh->handle;
(void) memset(coeff, 0x0, sizeof(coeff));
for (i = 0 ; i < thresh->availc ; i++) {
@@ -274,7 +280,7 @@ ida_combine(threshold_t *thresh)
arr[i] = gfadd(arr[i], gfmuls[ida->matrix[SUBSCRIPT(i, j, thresh->threshold)]][ch]);
}
}
- cc = MIN(thresh->threshold, (heads[0].size - out->c));
+ cc = MIN((int)thresh->threshold, (int)(heads[0].size - out->c));
(void) memcpy(&out->io.base[out->c], arr, cc);
out->c += cc;
}
@@ -293,6 +299,9 @@ ida_init(threshold_t *threshold, unsigne
unsigned j;
ida_t *ida;
+ if (threshold == NULL) {
+ return 0;
+ }
if ((ida = calloc(1, sizeof(ida_t))) == NULL) {
(void) fprintf(stderr, "can't allocate ida\n");
return 0;
@@ -320,6 +329,9 @@ ida_end(threshold_t *threshold)
{
ida_t *ida;
+ if (threshold == NULL) {
+ return 0;
+ }
if ((ida = threshold->handle) != NULL) {
if (ida->matrix) {
free(ida->matrix);
Index: othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c
diff -u othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c:1.1.1.1 othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c:1.2
--- othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c:1.1.1.1 Sat Mar 12 08:13:08 2011
+++ othersrc/external/bsd/threshold/dist/src/libthreshold/raid.c Tue Dec 4 07:39:19 2012
@@ -154,6 +154,9 @@ raid_init(threshold_t *thresh, unsigned
{
raid_t *raid;
+ if (thresh == NULL) {
+ return 0;
+ }
if ((raid = calloc(1, sizeof(*raid))) == NULL) {
fprintf(stderr, "raid_init: unable to allocate space\n");
return 0;
@@ -179,6 +182,9 @@ raid_split_memory(threshold_t *thresh, c
uint8_t *parity;
raid_t *raid;
+ if (thresh == NULL || input == NULL) {
+ return 0;
+ }
in = (const uint8_t *)input;
raid = thresh->handle;
blocksize = threshold; /* overloaded here */
@@ -223,8 +229,11 @@ raid_split(threshold_t *thresh)
{
thresh_str_t *mem;
+ if (thresh == NULL) {
+ return 0;
+ }
mem = &thresh->shares[THRESH_MAX_SHARES];
- return raid_split_memory(thresh, mem->io.base, mem->io.size, thresh->threshold, thresh->sharesc);
+ return raid_split_memory(thresh, mem->io.base, (unsigned)mem->io.size, thresh->threshold, thresh->sharesc);
}
/* split the file into shares */
@@ -237,6 +246,9 @@ raid_split_file(threshold_t *thresh, con
FILE *fp;
int ret;
+ if (thresh == NULL || f == NULL) {
+ return 0;
+ }
if (!check_values(blocksize, disks)) {
return 0;
}
@@ -252,7 +264,7 @@ raid_split_file(threshold_t *thresh, con
return 0;
}
/* Do the work */
- ret = raid_split_memory(thresh, mem, bytes, blocksize, disks);
+ ret = raid_split_memory(thresh, mem, (unsigned)bytes, blocksize, disks);
(void) fclose(fp);
(void) munmap(mem, bytes);
return ret;
@@ -271,6 +283,9 @@ raid_join_file(threshold_t *thresh, char
int good;
int ret;
+ if (thresh == NULL || files == NULL || str == NULL) {
+ return 0;
+ }
raid = thresh->handle;
if (raid->blocksize == 0) {
raid->blocksize = DEFAULT_BLOCKSIZE;
@@ -337,6 +352,9 @@ raid_join_memory(threshold_t *thresh, th
raid_t *raid;
int repair;
+ if (thresh == NULL || inputv == NULL) {
+ return 0;
+ }
raid = thresh->handle;
if (raid->blocksize == 0) {
raid->blocksize = DEFAULT_BLOCKSIZE;
@@ -362,7 +380,7 @@ raid_join_memory(threshold_t *thresh, th
int
raid_end(threshold_t *thresh)
{
- if (thresh->handle) {
+ if (thresh && thresh->handle) {
free(thresh->handle);
}
return 1;
@@ -375,6 +393,9 @@ raid_end(threshold_t *thresh)
int
raid_read_header(const char *mem, uint8_t *sharesc, uint8_t *threshold, uint8_t *order)
{
+ if (mem == NULL || sharesc == NULL || threshold == NULL || order == NULL) {
+ return 0;
+ }
if (memcmp(mem, RAID5_MAGIC, strlen(RAID5_MAGIC)) == 0) {
if (threshold) {
*threshold = mem[strlen(RAID5_MAGIC)];
Index: othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c
diff -u othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c:1.1.1.1 othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c:1.2
--- othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c:1.1.1.1 Sat Mar 12 08:13:08 2011
+++ othersrc/external/bsd/threshold/dist/src/libthreshold/threshold.c Tue Dec 4 07:39:19 2012
@@ -96,6 +96,9 @@ swapheader(thresh_head_t *head)
int
thresh_sane_header(thresh_head_t *head, thresh_head_t *refhead)
{
+ if (head == NULL || refhead == NULL) {
+ return 0;
+ }
if (head->coeff > head->sharesc ||
head->thresh > head->sharesc) {
return 0;
@@ -114,6 +117,9 @@ thresh_init(threshold_t *thresh, const c
{
const map_t *map;
+ if (thresh == NULL) {
+ return 0;
+ }
if (type == NULL) {
(void) fprintf(stderr, "bad type\n");
return 0;
@@ -145,6 +151,9 @@ thresh_add_share(threshold_t *thresh, un
struct stat st;
FILE *fp;
+ if (thresh == NULL || data == NULL) {
+ return 0;
+ }
if (n != THRESH_MAX_SHARES) {
thresh->availc += 1;
}
@@ -180,6 +189,9 @@ thresh_add_share(threshold_t *thresh, un
int
thresh_split(threshold_t *thresh)
{
+ if (thresh == NULL) {
+ return 0;
+ }
switch(thresh->type) {
case THRESH_IDA:
return ida_split(thresh);
@@ -195,7 +207,7 @@ thresh_split(threshold_t *thresh)
int
thresh_get_header(thresh_head_t *head, const uint8_t *mem)
{
- if (mem == NULL) {
+ if (head == NULL || mem == NULL) {
return 0;
}
(void) memcpy(head, mem, sizeof(*head));
@@ -207,6 +219,9 @@ thresh_get_header(thresh_head_t *head, c
int
thresh_fmt_header(thresh_head_t *head, const char *type, unsigned threshold, unsigned sharesc, uint64_t size)
{
+ if (head == NULL || type == NULL) {
+ return 0;
+ }
(void) memset(head, 0x0, sizeof(*head));
(void) snprintf(head->magic, sizeof(head->magic), "%s", type);
head->sharesc = sharesc;
@@ -223,6 +238,9 @@ thresh_combine(threshold_t *thresh)
thresh_head_t head;
thresh_str_t *out;
+ if (thresh == NULL) {
+ return -1;
+ }
(void) memset(&head, 0x0, sizeof(head));
if (!thresh_get_header(&head, thresh->shares[0].io.base)) {
return -1;
@@ -263,6 +281,9 @@ thresh_write_share(threshold_t *thresh,
FILE *fp;
int ok;
+ if (thresh == NULL) {
+ return 0;
+ }
if (n >= thresh->sharesc && n != THRESH_SPLIT_SOURCE) {
(void) fprintf(stderr, "share %u out of range (max %u)\n", n, thresh->sharesc);
return 0;
@@ -294,6 +315,9 @@ thresh_get_share(threshold_t *thresh, un
{
thresh_str_t *share;
+ if (thresh == NULL || outp == NULL) {
+ return 0;
+ }
if (n >= thresh->sharesc && n != THRESH_SPLIT_SOURCE) {
(void) fprintf(stderr, "share %u out of range (max %u)\n", n, thresh->sharesc);
return 0;
@@ -310,6 +334,9 @@ thresh_end(threshold_t *thresh)
{
unsigned i;
+ if (thresh == NULL) {
+ return 0;
+ }
switch(thresh->type) {
break;
case THRESH_IDA:
