From 96231ac1f0a9ca2b59eb9536bfb90430315034a9 Mon Sep 17 00:00:00 2001
From: Neal Krawetz
Date: Wed, 6 Nov 2024 03:10:59 -0700
Subject: [PATCH] sign-digest: Fixing overflow check and output wording when start is negative. (Feedback from Bu11etmagnet.)
---
 src/sign-digest.cpp | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/src/sign-digest.cpp b/src/sign-digest.cpp
index ba75147..c620eb3 100644
--- a/src/sign-digest.cpp
+++ b/src/sign-digest.cpp
@@ -30,13 +30,9 @@ sealfield * RangeErrorCheck (sealfield *Rec, uint64_t sum[2], mmapfile *Mmap)
 {
 // Idiot-check the range
 if (sum[0]==sum[1]) { return(Rec); } // sure, permit an empty range
- if (sum[0] < 0)
+ if (sum[0] > Mmap->memsize) // sum went negative
 {
- Rec = SealSetText(Rec,"@error","Invalid range; start of range is negative");
- }
- if (sum[1] < 0)
- {
- Rec = SealSetText(Rec,"@error","Invalid range; end of range is negative");
+ Rec = SealSetText(Rec,"@error","Invalid range; start of range is beyond end of file");
 }
 if (sum[1] > Mmap->memsize)
 {
@@ -207,12 +203,13 @@ sealfield * SealDigest (sealfield *Rec, mmapfile *Mmap)
 else { sum[1] += acc*Addsym; }
 
 // Check the range
- if ((sum[1] < sum[0]) || (sum[0] < 0) || (sum[1] > Mmap->memsize))
+ // sum is size_t/unsigned. If it goes negative, it will be larger than memsize.
+ if ((sum[1] < sum[0]) || (sum[0] > Mmap->memsize) || (sum[1] > Mmap->memsize))
 {
 Rec = SealSetText(Rec,"@error","Invalid range in b='");
 Rec = SealAddText(Rec,"@error",b);
 Rec = SealAddText(Rec,"@error","'");
- if (sum[0] < 0) { Rec = SealAddText(Rec,"@error","; underflow"); }
+ if (sum[0] > Mmap->memsize) { Rec = SealAddText(Rec,"@error","; underflow"); }
 if (sum[1] > Mmap->memsize) { Rec = SealAddText(Rec,"@error","; overflow"); }
 if (sum[1] < sum[0]) { Rec = SealAddText(Rec,"@error","; range begins after it ends"); }
 goto Abort;
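Review bot: In RangeErrorCheck the trailing comment `// sum went negative` no longer describes the branch, because `sum[0] > Mmap->memsize` is also true for a start that is simply past the end of the file, which is what the new message reports. I would write it as `// unsigned: a start past EOF, or a negative start that wrapped around`. Both branches call SealSetText on `@error`, so if that call replaces the field (its pairing with SealAddText in SealDigest suggests it does), the start message is lost whenever the end is out of range too. The function body continues past the end of this hunk, so whether `sum[1] < sum[0]` is rejected here before the range is used cannot be seen from the diff.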
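Review bot: The `; underflow` suffix in SealDigest is now appended whenever `sum[0] > Mmap->memsize`, so a start that is merely beyond the end of the file is reported as an underflow, and an out-of-range start and end together read `; underflow; overflow`; the RangeErrorCheck hunk already reworded the same condition. Something like `if (sum[0] > Mmap->memsize) { Rec = SealAddText(Rec,"@error","; start is negative or beyond end of file"); }` would keep the two messages consistent. The check also runs after `sum[1] += acc*Addsym`, so it only catches wrap-around that leaves the value above memsize; a result that wraps back into 0..memsize passes as a valid range, and if that matters the bound would have to be tested where each term is added, which is outside this hunk. The new comment says sum is size_t while RangeErrorCheck takes `uint64_t sum[2]`; the declaration in SealDigest is not visible here, so that may only be comment wording.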