diff options
Diffstat (limited to 'src/third_party/wiredtiger/src/include/intpack.i')
| -rw-r--r-- | src/third_party/wiredtiger/src/include/intpack.i | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/src/third_party/wiredtiger/src/include/intpack.i b/src/third_party/wiredtiger/src/include/intpack.i index d3fdfeaf1a6..0830704fb6d 100644 --- a/src/third_party/wiredtiger/src/include/intpack.i +++ b/src/third_party/wiredtiger/src/include/intpack.i @@ -47,8 +47,14 @@ #define GET_BITS(x, start, end) \ (((uint64_t)(x) & ((1U << (start)) - 1U)) >> (end)) -#define WT_SIZE_CHECK(l, maxl) \ +/* + * Size checks: return ENOMEM if not enough room when writing, EINVAL if the + * length is wrong when reading (presumably the value is corrupted). + */ +#define WT_SIZE_CHECK_PACK(l, maxl) \ WT_RET_TEST((maxl) != 0 && (size_t)(l) > (maxl), ENOMEM) +#define WT_SIZE_CHECK_UNPACK(l, maxl) \ + WT_RET_TEST((maxl) != 0 && (size_t)(l) > (maxl), EINVAL) /* Count the leading zero bytes. */ #if defined(__GNUC__) @@ -84,7 +90,7 @@ __wt_vpack_posint(uint8_t **pp, size_t maxlen, uint64_t x) WT_LEADING_ZEROS(x, lz); len = (int)sizeof (x) - lz; - WT_SIZE_CHECK(len + 1, maxlen); + WT_SIZE_CHECK_PACK(len + 1, maxlen); p = *pp; /* There are four bits we can use in the first byte. */ @@ -109,7 +115,7 @@ __wt_vpack_negint(uint8_t **pp, size_t maxlen, uint64_t x) WT_LEADING_ZEROS(~x, lz); len = (int)sizeof (x) - lz; - WT_SIZE_CHECK(len + 1, maxlen); + WT_SIZE_CHECK_PACK(len + 1, maxlen); p = *pp; /* @@ -141,7 +147,7 @@ __wt_vunpack_posint(const uint8_t **pp, size_t maxlen, uint64_t *retp) /* There are four length bits in the first byte. */ p = *pp; len = (*p++ & 0xf); - WT_SIZE_CHECK(len + 1, maxlen); + WT_SIZE_CHECK_UNPACK(len + 1, maxlen); for (x = 0; len != 0; --len) x = (x << 8) | *p++; @@ -165,7 +171,7 @@ __wt_vunpack_negint(const uint8_t **pp, size_t maxlen, uint64_t *retp) /* There are four length bits in the first byte. */ p = *pp; len = (int)sizeof (x) - (*p++ & 0xf); - WT_SIZE_CHECK(len + 1, maxlen); + WT_SIZE_CHECK_UNPACK(len + 1, maxlen); for (x = UINT64_MAX; len != 0; --len) x = (x << 8) | *p++; @@ -184,12 +190,12 @@ __wt_vpack_uint(uint8_t **pp, size_t maxlen, uint64_t x) { uint8_t *p; - WT_SIZE_CHECK(1, maxlen); + WT_SIZE_CHECK_PACK(1, maxlen); p = *pp; if (x <= POS_1BYTE_MAX) *p++ = POS_1BYTE_MARKER | GET_BITS(x, 6, 0); else if (x <= POS_2BYTE_MAX) { - WT_SIZE_CHECK(2, maxlen); + WT_SIZE_CHECK_PACK(2, maxlen); x -= POS_1BYTE_MAX + 1; *p++ = POS_2BYTE_MARKER | GET_BITS(x, 13, 8); *p++ = GET_BITS(x, 8, 0); @@ -220,13 +226,13 @@ __wt_vpack_int(uint8_t **pp, size_t maxlen, int64_t x) { uint8_t *p; - WT_SIZE_CHECK(1, maxlen); + WT_SIZE_CHECK_PACK(1, maxlen); p = *pp; if (x < NEG_2BYTE_MIN) { *p = NEG_MULTI_MARKER; return (__wt_vpack_negint(pp, maxlen, (uint64_t)x)); } else if (x < NEG_1BYTE_MIN) { - WT_SIZE_CHECK(2, maxlen); + WT_SIZE_CHECK_PACK(2, maxlen); x -= NEG_2BYTE_MIN; *p++ = NEG_2BYTE_MARKER | GET_BITS(x, 13, 8); *p++ = GET_BITS(x, 8, 0); @@ -250,7 +256,7 @@ __wt_vunpack_uint(const uint8_t **pp, size_t maxlen, uint64_t *xp) { const uint8_t *p; - WT_SIZE_CHECK(1, maxlen); + WT_SIZE_CHECK_UNPACK(1, maxlen); p = *pp; switch (*p & 0xf0) { case POS_1BYTE_MARKER: @@ -262,7 +268,7 @@ __wt_vunpack_uint(const uint8_t **pp, size_t maxlen, uint64_t *xp) break; case POS_2BYTE_MARKER: case POS_2BYTE_MARKER | 0x10: - WT_SIZE_CHECK(2, maxlen); + WT_SIZE_CHECK_UNPACK(2, maxlen); *xp = GET_BITS(*p++, 5, 0) << 8; *xp |= *p++; *xp += POS_1BYTE_MAX + 1; @@ -288,7 +294,7 @@ __wt_vunpack_int(const uint8_t **pp, size_t maxlen, int64_t *xp) { const uint8_t *p; - WT_SIZE_CHECK(1, maxlen); + WT_SIZE_CHECK_UNPACK(1, maxlen); p = *pp; switch (*p & 0xf0) { case NEG_MULTI_MARKER: @@ -296,7 +302,7 @@ __wt_vunpack_int(const uint8_t **pp, size_t maxlen, int64_t *xp) return (0); case NEG_2BYTE_MARKER: case NEG_2BYTE_MARKER | 0x10: - WT_SIZE_CHECK(2, maxlen); + WT_SIZE_CHECK_UNPACK(2, maxlen); *xp = (int64_t)(GET_BITS(*p++, 5, 0) << 8); *xp |= *p++; *xp += NEG_2BYTE_MIN; |