Try to avoid fatal filter failures by better scanning during the setup phase.

2025-10-05 19:20:23 +08:00 · 2006-12-18 16:54:14 +01:00 · 2006-12-18 16:54:14 +01:00 · dde49f0bb4
commit dde49f0bb4
parent a37a75aecc
4 changed files with 34 additions and 13 deletions
--- a/src/filter/cto.h
+++ b/src/filter/cto.h
@ -58,8 +58,16 @@ static int F(Filter *f)
        // must not conflict with the mark.
        // Note that unsigned comparison checks both edges of buffer.
        for (ic = 0; ic < size - 5; ic++)
-            if (COND(b,ic) && get_le32(b+ic+1)+ic+1 >= size)
        {
+            if (!COND(b,ic))
+                continue;
+            jc = get_le32(b+ic+1)+ic+1;
+            if (jc < size)
+            {
+                if (jc + addvalue >= (1u << 24)) // hi 8 bits won't be cto8
+                    return -1;
+            }
+            else
                buf[b[ic+1]] |= 1;
        }

@ -79,8 +87,7 @@ static int F(Filter *f)
        // try to detect 'real' calls only
        if (jc < size)
        {
-            if ((1u<<24)<=(jc+addvalue))  // hi 8 bits won't be cto8
-                return 1;  // fail - buffer not restored
+            assert(jc + addvalue < (1u << 24)); // hi 8 bits won't be cto8
 #ifdef U
            set_be32(b+ic+1,jc+addvalue+cto);
 #endif
--- a/src/filter/ctoj.h
+++ b/src/filter/ctoj.h
@ -57,8 +57,16 @@ static int F(Filter *f)
        memset(buf,0,256);

        for (ic = 0; ic < size - 5; ic++)
-            if (COND(b,ic,lastcall) && get_le32(b+ic+1)+ic+1 >= size)
        {
+            if (!COND(b,ic,lastcall))
+                continue;
+            jc = get_le32(b+ic+1)+ic+1;
+            if (jc < size)
+            {
+                if (jc + addvalue >= (1u << 24)) // hi 8 bits won't be cto8
+                    return -1;
+            }
+            else
                buf[b[ic+1]] |= 1;
        }

@ -78,8 +86,7 @@ static int F(Filter *f)
        // try to detect 'real' calls only
        if (jc < size)
        {
-            if ((1u<<24)<=(jc+addvalue))  // hi 8 bits won't be cto8
-                return 1;  // fail - buffer not restored
+            assert(jc + addvalue < (1u << 24)); // hi 8 bits won't be cto8
 #ifdef U
            set_be32(b+ic+1,jc+addvalue+cto);
 #endif
--- a/src/filter/ctok.h
+++ b/src/filter/ctok.h
@ -58,8 +58,16 @@ static int F(Filter *f)
        memset(buf,0,256);

        for (ic = 0; ic < size - 5; ic++)
-            if (COND(b,ic,lastcall,id) && get_le32(b+ic+1)+ic+1 >= size)
        {
+            if (!COND(b,ic,lastcall,id))
+                continue;
+            jc = get_le32(b+ic+1)+ic+1;
+            if (jc < size)
+            {
+                if (jc + addvalue >= (1u << 24)) // hi 8 bits won't be cto8
+                    return -1;
+            }
+            else
                buf[b[ic+1]] |= 1;
        }

@ -79,8 +87,7 @@ static int F(Filter *f)
        // try to detect 'real' calls only
        if (jc < size)
        {
-            if ((1u<<24)<=(jc+addvalue))  // hi 8 bits won't be cto8
-                return 1;  // fail - buffer not restored
+            assert(jc + addvalue < (1u << 24)); // hi 8 bits won't be cto8
 #ifdef U
            set_be32(b+ic+1,jc+addvalue+cto);
 #endif