diff options
| author | Simon McVittie <smcv@collabora.com> | 2018-08-17 19:50:13 +0100 |
|---|---|---|
| committer | Simon McVittie <smcv@collabora.com> | 2018-12-03 19:05:13 +0000 |
| commit | f9700a8a477a1f71b36e894361a3f8bdc64dc32f (patch) | |
| tree | 6b2b37cde2186073ce7484a3b20c2ad1e99e7563 /dbus/dbus-hash.c | |
| parent | 451192ba8a5a4f1712de351ecbd2b668dc96ec87 (diff) | |
| download | dbus-f9700a8a477a1f71b36e894361a3f8bdc64dc32f.tar.gz | |
DBusHash: Program a bit more defensively
In particular, the assertions that bucket >= table->buckets and
bucket <= &table->buckets[table->n_buckets - 1] catch the bug fixed
by the previous commit, by ensuring that bucket is somewhere inside
the new array of buckets.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'dbus/dbus-hash.c')
| -rw-r--r-- | dbus/dbus-hash.c | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/dbus/dbus-hash.c b/dbus/dbus-hash.c index b438a2e0..a931976e 100644 --- a/dbus/dbus-hash.c +++ b/dbus/dbus-hash.c @@ -745,8 +745,8 @@ _dbus_hash_iter_lookup (DBusHashTable *table, DBusHashIter *iter) { DBusRealHashIter *real; - DBusHashEntry *entry; - DBusHashEntry **bucket; + DBusHashEntry *entry = NULL; + DBusHashEntry **bucket = NULL; _DBUS_STATIC_ASSERT (sizeof (DBusHashIter) == sizeof (DBusRealHashIter)); @@ -754,9 +754,15 @@ _dbus_hash_iter_lookup (DBusHashTable *table, entry = (* table->find_function) (table, key, create_if_not_found, &bucket, NULL); + /* entry == NULL means not found, and either !create_if_not_found or OOM */ if (entry == NULL) return FALSE; + _dbus_assert (bucket != NULL); + _dbus_assert (table->n_buckets >= 1); + _dbus_assert (bucket >= table->buckets); + _dbus_assert (bucket <= &table->buckets[table->n_buckets - 1]); + if (create_if_not_found) { if (table->free_key_function && entry->key != key) @@ -772,6 +778,8 @@ _dbus_hash_iter_lookup (DBusHashTable *table, real->next_bucket = (bucket - table->buckets) + 1; real->n_entries_on_init = table->n_entries; + _dbus_assert (real->next_bucket >= 0); + _dbus_assert (real->next_bucket <= table->n_buckets); _dbus_assert (&(table->buckets[real->next_bucket-1]) == real->bucket); return TRUE; @@ -856,6 +864,7 @@ add_entry (DBusHashTable *table, } add_allocated_entry (table, entry, idx, key, bucket); + _dbus_assert (bucket == NULL || *bucket != NULL); return entry; } @@ -913,10 +922,19 @@ find_generic_function (DBusHashTable *table, } if (create_if_not_found) - entry = add_entry (table, idx, key, bucket, preallocated); + { + entry = add_entry (table, idx, key, bucket, preallocated); + + if (entry == NULL) /* OOM */ + return NULL; + + _dbus_assert (bucket == NULL || *bucket != NULL); + } else if (preallocated) - _dbus_hash_table_free_preallocated_entry (table, preallocated); - + { + _dbus_hash_table_free_preallocated_entry (table, preallocated); + } + return entry; } |