Cleaned up overflow checks in platform memory allocators (thanks to N…

…icolas Lebedenco for pointing out the original issue with long long literals).
icculus · Jan 1, 2006 · a66c36b · a66c36b
1 parent 8544ea9
commit a66c36b
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 36 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -2,6 +2,9 @@
  * CHANGELOG.
  */
 
+01012006 - Cleaned up overflow checks in platform memory allocators (thanks to
+           Nicolas Lebedenco for pointing out the original issue with
+           long long literals).
 11282005 - Corrected docs on PHYSFS_setWriteDir().
 10122005 - Fixed locateInStringList() in physfs.c (thanks, Matze!). Patched
            archivers/wad.c to compile.

diff --git a/physfs_internal.h b/physfs_internal.h
@@ -1253,6 +1253,23 @@ void __PHYSFS_sort(void *entries, PHYSFS_uint32 max,
 #define GOTO_MACRO_MUTEX(e, m, g) { __PHYSFS_setError(e); __PHYSFS_platformReleaseMutex(m); goto g; }
 #define GOTO_IF_MACRO_MUTEX(c, e, m, g) if (c) { __PHYSFS_setError(e); __PHYSFS_platformReleaseMutex(m); goto g; }
 
+#ifdef __GNUC__
+#define LONGLONGLITERAL(x) x##LL
+#else
+#define LONGLONGLITERAL(x) x
+#endif
+
+/*
+ * Check if a ui64 will fit in the platform's address space.
+ *  The initial sizeof check will optimize this macro out entirely on
+ *  64-bit (and larger?!) platforms, and the other condition will
+ *  return zero or non-zero if the variable will fit in the platform's
+ *  size_t, suitable to pass to malloc. This is kinda messy, but effective.
+ */
+#define __PHYSFS_ui64FitsAddressSpace(s) ( \
+    (sizeof (PHYSFS_uint64) > sizeof (size_t)) && \
+    ((s) > (LONGLONGLITERAL(0xFFFFFFFFFFFFFFFF) >> (64-(sizeof(size_t)*8)))) \
+)
 
 /*
  * The current allocator. Not valid before PHYSFS_init is called!

diff --git a/platform/macclassic.c b/platform/macclassic.c
@@ -944,19 +944,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

diff --git a/platform/os2.c b/platform/os2.c
@@ -757,19 +757,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

diff --git a/platform/pocketpc.c b/platform/pocketpc.c
@@ -675,19 +675,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

diff --git a/platform/posix.c b/platform/posix.c
@@ -517,19 +517,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

diff --git a/platform/skeleton.c b/platform/skeleton.c
@@ -249,19 +249,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

diff --git a/platform/win32.c b/platform/win32.c
@@ -1125,19 +1125,15 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
 
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */