[master] 2fd1c81b1 vmod_blob flexelinting

Nils Goroll nils.goroll at uplex.de
Tue Mar 10 11:39:06 UTC 2020 

commit 2fd1c81b16bb9557ec8ef38b97eebcd1b89c944f
Author: Nils Goroll <nils.goroll at uplex.de>
Date:   Tue Mar 10 12:36:46 2020 +0100

    vmod_blob flexelinting

diff --git a/lib/libvmod_blob/base64.c b/lib/libvmod_blob/base64.c
index 82f897dbe..06b4c1df0 100644
--- a/lib/libvmod_blob/base64.c
+++ b/lib/libvmod_blob/base64.c
@@ -253,7 +253,8 @@ base64_encode(const enum encoding enc, const enum case_e kase,
 			}
 		}
 	}
-	assert(p >= buf && p - buf <= buflen);
+	assert(p >= buf);
+	assert(p <= buf + buflen);
 	return (p - buf);
 }
 
diff --git a/lib/libvmod_blob/hex.c b/lib/libvmod_blob/hex.c
index 1444faeeb..8c2bf1d28 100644
--- a/lib/libvmod_blob/hex.c
+++ b/lib/libvmod_blob/hex.c
@@ -135,7 +135,7 @@ hex_decode(const enum encoding dec, blob_dest_t buf,
 
 	if (len == 0)
 		return (0);
-	if (n != -1 && len > n)
+	if (n > 0 && len > n)
 		len = n;
 
 	if (((len+1) >> 1) > buflen) {
diff --git a/lib/libvmod_blob/vmod_blob.c b/lib/libvmod_blob/vmod_blob.c
index 14c1d0160..b99bab762 100644
--- a/lib/libvmod_blob/vmod_blob.c
+++ b/lib/libvmod_blob/vmod_blob.c
@@ -422,6 +422,7 @@ vmod_transcode(VRT_CTX, VCL_ENUM decs, VCL_ENUM encs, VCL_ENUM case_s,
 	struct vrt_blob b;
 	VCL_STRING r;
 	size_t l;
+	ssize_t len;
 
 	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
 	CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
@@ -447,14 +448,16 @@ vmod_transcode(VRT_CTX, VCL_ENUM decs, VCL_ENUM encs, VCL_ENUM case_s,
 	if (length <= 0)
 		length = -1;
 	errno = 0;
-	b.len = func[dec].decode(dec, buf, l, length, strings);
-	b.blob = buf;
+	len = func[dec].decode(dec, buf, l, length, strings);
 
-	if (b.len == -1) {
+	if (len < 0) {
 		err_decode(ctx, strings->p[0]);
 		return (NULL);
 	}
 
+	b.len = len;
+	b.blob = buf;
+
 	/*
 	 * If the encoding and decoding are the same, and the decoding was
 	 * legal, just return the concatenated string.
@@ -529,6 +532,11 @@ vmod_sub(VRT_CTX, VCL_BLOB b, VCL_BYTES n, VCL_BYTES off)
 
 	assert(b->len > 0);
 
+	if (off < 0 || n < 0) {
+		ERR(ctx, "size and offset cannot be negative in blob.sub()");
+		return (NULL);
+	}
+
 	if (off + n > b->len) {
 		VERR(ctx, "size %jd from offset %jd requires more bytes than "
 		    "blob length %zd in blob.sub()",

More information about the varnish-commit mailing list