[Git][NTPsec/ntpsec][master] 4 commits: decodenetnum(): be sure not to dereference NULL, add some parens.

Gary E. Miller gitlab at mg.gitlab.com
Wed Apr 12 20:35:04 UTC 2017 

Gary E. Miller pushed to branch master at NTPsec / ntpsec


Commits:
13f3a3ee by Gary E. Miller at 2017-04-12T12:42:26-07:00
decodenetnum(): be sure not to dereference NULL, add some parens.

- - - - -
0b7184cd by Gary E. Miller at 2017-04-12T13:28:10-07:00
tests/lfpfunc: more verbose error message.

- - - - -
8dfde607 by Gary E. Miller at 2017-04-12T13:33:50-07:00
tests/lfptostr: fix casts and sizes.

You can not put a 64 bit value in a long in a 32 bit binary.

- - - - -
243e271a by Gary E. Miller at 2017-04-12T13:34:03-07:00
tests/prettydate: fix cast and size.

You can not put a 64 bit value in a long in a 32 bit binary.

- - - - -


4 changed files:

- libntp/decodenetnum.c
- tests/libntp/lfpfunc.c
- tests/libntp/lfptostr.c
- tests/libntp/prettydate.c


Changes:

=====================================
libntp/decodenetnum.c
=====================================
--- a/libntp/decodenetnum.c
+++ b/libntp/decodenetnum.c
@@ -35,16 +35,20 @@ decodenetnum(
 {
 	struct addrinfo hints, *ai = NULL;
 	const char *ip_start, *ip_end, *port_start, *temp;
-	const size_t numlen = strlen(num);
+	size_t numlen;
 	bool have_brackets;
 
 	char ip[INET6_ADDRSTRLEN];
 
 	ZERO(*netnum);               /* don't return random data on fail */
-	NTP_REQUIRE(num != NULL);
+        /* check num not NULL before using it */
+	if ( NULL == num) {
+                return false;
+        }
+	numlen = strlen(num);
 	/* Quickly reject empty or impossibly long inputs. */
 	if(numlen == 0 ||
-	   numlen > (sizeof ip - 1) + (NI_MAXSERV - 1) + (3 /* "[]:" */)) {
+	   numlen > ((sizeof(ip) - 1) + (NI_MAXSERV - 1) + (3 /* "[]:" */))) {
 		return false;
 	}
 
@@ -99,7 +103,7 @@ decodenetnum(
 	   either NULL or pointing to the start of the port. Check
 	   whether the IP is short enough to possibly be valid and
 	   if so copy it into ip. */
-	if(ip_end - ip_start + 1 > (int)sizeof(ip)) {
+	if ((ip_end - ip_start + 1) > (int)sizeof(ip)) {
 		return false;
 	} else {
 		memcpy(ip, ip_start, (size_t)(ip_end - ip_start));


=====================================
tests/libntp/lfpfunc.c
=====================================
--- a/tests/libntp/lfpfunc.c
+++ b/tests/libntp/lfpfunc.c
@@ -245,6 +245,7 @@ TEST(lfpfunc, Absolute) {
 //----------------------------------------------------------------------
 TEST(lfpfunc, FDF_RoundTrip) {
 	size_t idx = 0;
+        char msg[512];
 
 	// since a l_fp has 64 bits in its mantissa and a double has
 	// only 54 bits available (including the hidden '1') we have to
@@ -261,7 +262,9 @@ TEST(lfpfunc, FDF_RoundTrip) {
 
 		l_fp temp = op1 - op3;
 		double d = lfptod(temp);
-		TEST_ASSERT_DOUBLE_WITHIN(eps(op2), 0.0, fabs(d));
+                snprintf(msg, sizeof(msg), "%d not %d within %d",
+                         op1, op2, eps(op2));
+		TEST_ASSERT_DOUBLE_WITHIN_MESSAGE(eps(op2), 0.0, fabs(d), msg);
 	}
 
 	return;


=====================================
tests/libntp/lfptostr.c
=====================================
--- a/tests/libntp/lfptostr.c
+++ b/tests/libntp/lfptostr.c
@@ -103,17 +103,17 @@ TEST(lfptostr, MillisecondsRoundingDown) {
 }
 
 TEST(lfptostr, UnsignedInteger) {
-	l_fp test1 = lfpinit(3000000000L, 0);
-	l_fp test2 = lfpinit(3000000L, 0x80000000);
-	l_fp test3 = lfpinit(13L, 0xC0000000);
-	l_fp test4 = lfpinit(13L, 0x028F5C28);
-
-	l_fp test5 = lfpinit(4212665562L, 0x3C6BE7E6);
-	l_fp test6 = lfpinit(4212665562L, 0x36222683);
-	l_fp test7 = lfpinit(4212665562L, 0xBD3F2F5A);
-	l_fp test8a = lfpinit(1444359386L, 0x2E0C7582);
-	l_fp test8b = lfpinit(1444359386L, 0x2E0C7583);
-	l_fp test9 = lfpinit(3660323067L, 0x1CD3101C);
+	l_fp test1 = lfpinit((int32_t)3000000000LL, 0);
+	l_fp test2 = lfpinit((int32_t)3000000L, 0x80000000);
+	l_fp test3 = lfpinit((int32_t)13L, 0xC0000000);
+	l_fp test4 = lfpinit((int32_t)13L, 0x028F5C28);
+
+	l_fp test5 = lfpinit((int32_t)4212665562LL, 0x3C6BE7E6);
+	l_fp test6 = lfpinit((int32_t)4212665562LL, 0x36222683);
+	l_fp test7 = lfpinit((int32_t)4212665562LL, 0xBD3F2F5A);
+	l_fp test8a = lfpinit((int32_t)1444359386LL, 0x2E0C7582);
+	l_fp test8b = lfpinit((int32_t)1444359386LL, 0x2E0C7583);
+	l_fp test9 = lfpinit((int32_t)3660323067LL, 0x1CD3101C);
 
 	TEST_ASSERT_EQUAL_STRING("3000000000.0", ulfptoa(test1, 1));
 	TEST_ASSERT_EQUAL_STRING("3000000000.000000", ulfptoa(test1, 6));


=====================================
tests/libntp/prettydate.c
=====================================
--- a/tests/libntp/prettydate.c
+++ b/tests/libntp/prettydate.c
@@ -16,7 +16,7 @@ TEST_TEAR_DOWN(prettydate) {}
 static const uint32_t HALF = 2147483648UL;
 
 TEST(prettydate, ConstantDate) {
-    l_fp t = lfpinit(3485080800L, HALF); // 2010-06-09 14:00:00.5
+    l_fp t = lfpinit((int32_t)3485080800LL, HALF); // 2010-06-09 14:00:00.5
 
 	TEST_ASSERT_EQUAL_STRING("cfba1ce0.80000000 2010-06-09T14:00:00.500Z", gmprettydate(t));
 }



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/3d0423deec390de47e514aad1327384e7bcef5d1...243e271a062345f292815b2b6b74e3a14a06016b

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/3d0423deec390de47e514aad1327384e7bcef5d1...243e271a062345f292815b2b6b74e3a14a06016b
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20170412/1cdda4b5/attachment.html>

More information about the vc mailing list