Commit d7cac2b3 authored by Norby, Tom's avatar Norby, Tom

[Fortify] Integer and buffer overflow protection.

parent d59edd77
Pipeline #100320 failed with stages
in 5 minutes and 31 seconds
...@@ -78,7 +78,7 @@ eafstream &eafstream::operator>>(int &value) ...@@ -78,7 +78,7 @@ eafstream &eafstream::operator>>(int &value)
eafstream &eafstream::operator>>(std::vector<int> &value) eafstream &eafstream::operator>>(std::vector<int> &value)
{ {
int *tData; int *tData;
tData = readIntArray(value.size()); tData = readIntArray((int)value.size());
// //
// We failed to read from disk. // We failed to read from disk.
// //
...@@ -110,7 +110,7 @@ eafstream &eafstream::operator>>(float &value) ...@@ -110,7 +110,7 @@ eafstream &eafstream::operator>>(float &value)
eafstream &eafstream::operator>>(std::vector<float> &value) eafstream &eafstream::operator>>(std::vector<float> &value)
{ {
float *tData; float *tData;
tData = readFloatArray(value.size()); tData = readFloatArray((int)value.size());
std::copy(tData, tData + value.size(), value.begin()); std::copy(tData, tData + value.size(), value.begin());
delete[] tData; delete[] tData;
return *this; return *this;
...@@ -410,12 +410,16 @@ void eafstream::writeDouble(double var) ...@@ -410,12 +410,16 @@ void eafstream::writeDouble(double var)
* endianness \param[in] size number of integers to read in \return integer * endianness \param[in] size number of integers to read in \return integer
* array or NULL on error. * array or NULL on error.
*/ */
int *eafstream::readIntArray(size_t size) int *eafstream::readIntArray(int size)
{ {
int fortifySize = 0;
while (fortifySize < size &&
fortifySize < std::numeric_limits<int>::max() / int_size)
fortifySize++;
int *array = NULL; int *array = NULL;
try try
{ {
array = new int[size]; array = new int[size_t(fortifySize)];
} }
catch (std::bad_alloc &xa) catch (std::bad_alloc &xa)
{ {
...@@ -424,7 +428,7 @@ int *eafstream::readIntArray(size_t size) ...@@ -424,7 +428,7 @@ int *eafstream::readIntArray(size_t size)
exit(1); exit(1);
} }
this->read((char *)(array), int(size) * int_size); this->read((char *)(array), fortifySize * int_size);
if (this->bad() || this->eof()) if (this->bad() || this->eof())
{ {
std::stringstream ss; std::stringstream ss;
...@@ -436,10 +440,10 @@ int *eafstream::readIntArray(size_t size) ...@@ -436,10 +440,10 @@ int *eafstream::readIntArray(size_t size)
} }
if (mReverseBytes == true) if (mReverseBytes == true)
{ {
reverse_array_int_bytes(array, size); reverse_array_int_bytes(array, size_t(fortifySize));
} }
// increment bytes read // increment bytes read
mBytesRead += (size * int_size); mBytesRead += (fortifySize * int_size);
return array; return array;
} // readIntArray } // readIntArray
...@@ -467,12 +471,16 @@ void eafstream::writeIntArray(const std::vector<int> &var) ...@@ -467,12 +471,16 @@ void eafstream::writeIntArray(const std::vector<int> &var)
* \brief read floats from the file, accounting for endianness * \brief read floats from the file, accounting for endianness
* \return floats or -1 on error. * \return floats or -1 on error.
*/ */
float *eafstream::readFloatArray(size_t size) float *eafstream::readFloatArray(int size)
{ {
float *array = NULL; int fortifySize = 0;
while (fortifySize < size &&
fortifySize < std::numeric_limits<int>::max() / float_size)
fortifySize++;
float *array = nullptr;
try try
{ {
array = new float[size]; array = new float[size_t(fortifySize)];
} }
catch (std::bad_alloc &xa) catch (std::bad_alloc &xa)
{ {
...@@ -480,7 +488,7 @@ float *eafstream::readFloatArray(size_t size) ...@@ -480,7 +488,7 @@ float *eafstream::readFloatArray(size_t size)
<< __LINE__ << std::endl; << __LINE__ << std::endl;
exit(1); exit(1);
} }
this->read((char *)(array), int(size) * float_size); this->read((char *)(array), fortifySize * float_size);
if (this->bad() || this->eof()) if (this->bad() || this->eof())
{ {
std::stringstream ss; std::stringstream ss;
...@@ -492,10 +500,10 @@ float *eafstream::readFloatArray(size_t size) ...@@ -492,10 +500,10 @@ float *eafstream::readFloatArray(size_t size)
} }
if (mReverseBytes == true) if (mReverseBytes == true)
{ {
reverse_array_float_bytes(array, size); reverse_array_float_bytes(array, size_t(fortifySize));
} }
// increment bytes read // increment bytes read
mBytesRead += (size * float_size); mBytesRead += (fortifySize * float_size);
return array; return array;
} }
...@@ -579,11 +587,15 @@ void eafstream::writeDoubleArray(const std::vector<double> &var) ...@@ -579,11 +587,15 @@ void eafstream::writeDoubleArray(const std::vector<double> &var)
* \brief read a string of size from the file, accounting for endianness * \brief read a string of size from the file, accounting for endianness
* \return string of size size * \return string of size size
*/ */
std::string eafstream::readString(size_t size) std::string eafstream::readString(int size)
{ {
char *array = new char[size + 1]; int fortifySize = 0;
this->read(static_cast<char *>(array), int(size)); while (fortifySize < size &&
array[size] = '\0'; fortifySize < std::numeric_limits<int>::max() - 1)
fortifySize++;
char *array = new char[size_t(fortifySize + 1)];
this->read(static_cast<char *>(array), fortifySize);
array[fortifySize] = '\0';
if (this->bad() || this->eof()) if (this->bad() || this->eof())
{ {
std::stringstream ss; std::stringstream ss;
...@@ -595,12 +607,12 @@ std::string eafstream::readString(size_t size) ...@@ -595,12 +607,12 @@ std::string eafstream::readString(size_t size)
} }
// increment bytes read // increment bytes read
mBytesRead += size; mBytesRead += fortifySize;
std::string s; std::string s;
// we must assign string to avoid // we must assign string to avoid
// implicit copy constructor which stops at '\0' // implicit copy constructor which stops at '\0'
// character in the content of data // character in the content of data
s.assign(array, size); s.assign(array, fortifySize);
delete[] array; delete[] array;
// no need to reverse ascii characters // no need to reverse ascii characters
return s; return s;
...@@ -608,7 +620,7 @@ std::string eafstream::readString(size_t size) ...@@ -608,7 +620,7 @@ std::string eafstream::readString(size_t size)
void eafstream::writeString(const std::string &var) void eafstream::writeString(const std::string &var)
{ {
this->write(var.c_str(), int(var.size())); this->write(var.c_str(), var.size());
if (this->bad() || this->eof()) if (this->bad() || this->eof())
{ {
std::stringstream ss; std::stringstream ss;
......
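Review bot: The clamp introduced at the top of readIntArray (and the same loop in readFloatArray and readString) silently returns fewer elements than requested, but the callers still trust the requested count: `operator>>(std::vector<int>&)` and `operator>>(std::vector<float>&)` copy `value.size()` elements out of the returned buffer, so a request above `std::numeric_limits<int>::max() / int_size` — or a negative one, which the new `(int)value.size()` cast yields for a vector larger than INT_MAX — now reads past a smaller allocation instead of failing. The documented contract is "NULL on error", so rejecting is safer than clamping: replace the counting loop with `if (size < 0 || size > std::numeric_limits<int>::max() / int_size) return NULL;` and allocate `new int[size_t(size)]`, with the matching change in readFloatArray and a `max() - 1` bound in readString. If clamping is kept instead, the loop still runs up to `size` iterations just to compute a minimum; `std::min(std::max(size, 0), std::numeric_limits<int>::max() / int_size)` does it in constant time. Note that the float overload in the second hunk never checks `tData` for NULL before `std::copy`, unlike the int overload, so it needs that check before any NULL-returning path is safe. Each of the read functions continues outside its hunk.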
...@@ -80,13 +80,13 @@ class RADIX_PUBLIC eafstream : public std::fstream ...@@ -80,13 +80,13 @@ class RADIX_PUBLIC eafstream : public std::fstream
* \param[in] size number of integers to read in * \param[in] size number of integers to read in
* \return integer array or NULL on error. * \return integer array or NULL on error.
*/ */
int *readIntArray(size_t size); int *readIntArray(int size);
void writeIntArray(const std::vector<int> &var); void writeIntArray(const std::vector<int> &var);
/** /**
* \brief read an array of floats from the file, accounting for endianness * \brief read an array of floats from the file, accounting for endianness
* \return array of floats or NULL on error * \return array of floats or NULL on error
*/ */
float *readFloatArray(size_t size); float *readFloatArray(int size);
void writeFloatArray(const std::vector<float> &var); void writeFloatArray(const std::vector<float> &var);
/** /**
* \brief read an array of doubles from the file, accounting for endianness * \brief read an array of doubles from the file, accounting for endianness
...@@ -98,7 +98,7 @@ class RADIX_PUBLIC eafstream : public std::fstream ...@@ -98,7 +98,7 @@ class RADIX_PUBLIC eafstream : public std::fstream
* \brief read a string of size from the file, accounting for endianness * \brief read a string of size from the file, accounting for endianness
* \return string of size size * \return string of size size
*/ */
std::string readString(size_t size); std::string readString(int size);
void writeString(const std::string &var); void writeString(const std::string &var);
void writeString(const std::string &var, size_t length, char filler = ' '); void writeString(const std::string &var, size_t length, char filler = ' ');
......
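Review bot: The Doxygen comments for readIntArray, readFloatArray and readString still describe the `size_t` versions; with the parameter narrowed to `int`, the accepted range and what happens outside it are undocumented, and callers now have to cast a `std::vector::size()` to reach these overloads. Extend each `\param[in] size` line with something like `must be in [0, std::numeric_limits<int>::max() / int_size]; requests outside that range are not read in full`, adjusted to whatever the implementation finally does, so a caller can validate before calling. If the implementation keeps clamping rather than returning NULL, say so here explicitly, because the existing `\return ... NULL on error` line otherwise implies that an out-of-range request fails visibly.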