From 208979ed0126a31e48b435ef62bc9bac4db561f3 Mon Sep 17 00:00:00 2001 From: Robert Loehning Date: Thu, 22 Oct 2020 21:40:20 +0200 Subject: Revert changes in strto(u)ll.c to avoid integer overflows Found in oss-fuzz issue 26045. Change-Id: Id9eac1b4f67ad9bbe2d92dd69cd03338a6ced74e Reviewed-by: Thiago Macieira (cherry picked from commit 2096400d6e8249e49df049f9600073fb2219c97a) --- ...reeBSD-strto-u-ll-functions-to-work-insid.patch | 53 ++++++++++++---------- src/3rdparty/freebsd/strtoll.c | 2 +- src/3rdparty/freebsd/strtoull.c | 2 +- src/corelib/tools/qlocale_tools.cpp | 4 ++ 4 files changed, 36 insertions(+), 25 deletions(-) diff --git a/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch b/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch index b21d483a9c..8fd012e4b1 100644 --- a/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch +++ b/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch @@ -11,16 +11,22 @@ Changes: - remove the locale_t parameter and use ascii_isspace instead of isspace_l - fix compilation with -Wcast-qual (requires C++) ---- - src/3rdparty/freebsd/strtoll.c | 27 ++++----------------------- - src/3rdparty/freebsd/strtoull.c | 27 ++++----------------------- - 2 files changed, 8 insertions(+), 46 deletions(-) + src/3rdparty/freebsd/strtoll.c | 27 +++------------------------ + src/3rdparty/freebsd/strtoull.c | 27 +++------------------------ + 2 files changed, 6 insertions(+), 48 deletions(-) diff --git a/src/3rdparty/freebsd/strtoll.c b/src/3rdparty/freebsd/strtoll.c -index 16a8196..7b4505e 100644 +index c87aefb1cd..89da83425d 100644 --- a/src/3rdparty/freebsd/strtoll.c 
+++ b/src/3rdparty/freebsd/strtoll.c -@@ -32,18 +32,6 @@ +@@ -1,6 +1,4 @@ + /*- +- * SPDX-License-Identifier: BSD-3-Clause +- * + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * +@@ -34,18 +32,6 @@ * SUCH DAMAGE. */ @@ -39,7 +45,7 @@ index 16a8196..7b4505e 100644 /* * Convert a string to a long long integer. * -@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$"); +@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$"); * alphabets and digits are each contiguous. */ long long @@ -56,7 +62,7 @@ index 16a8196..7b4505e 100644 /* * Skip white space and pick up leading +/- sign if any. -@@ -69,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base, +@@ -71,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base, s = nptr; do { c = *s++; @@ -65,12 +71,9 @@ index 16a8196..7b4505e 100644 if (c == '-') { neg = 1; c = *s++; -@@ -141,13 +127,8 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base, - noconv: - errno = EINVAL; +@@ -145,11 +129,6 @@ noconv: } else if (neg) -- acc = -acc; -+ acc = (unsigned long long) -(long long)acc; + acc = -acc; if (endptr != NULL) - *endptr = (char *)(any ? s - 1 : nptr); + *endptr = const_cast(any ? s - 1 : nptr); @@ -82,10 +85,17 @@ index 16a8196..7b4505e 100644 - return strtoll_l(nptr, endptr, base, __get_locale()); -} diff --git a/src/3rdparty/freebsd/strtoull.c b/src/3rdparty/freebsd/strtoull.c -index dc40e0e..1eb9257 100644 +index 58a9b23b56..cf151691ad 100644 --- a/src/3rdparty/freebsd/strtoull.c +++ b/src/3rdparty/freebsd/strtoull.c -@@ -32,18 +32,6 @@ +@@ -1,6 +1,4 @@ + /*- +- * SPDX-License-Identifier: BSD-3-Clause +- * + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * +@@ -34,18 +32,6 @@ * SUCH DAMAGE. */ 
@@ -104,7 +114,7 @@ index dc40e0e..1eb9257 100644 /* * Convert a string to an unsigned long long integer. * -@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$"); +@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$"); * alphabets and digits are each contiguous. */ unsigned long long @@ -121,7 +131,7 @@ index dc40e0e..1eb9257 100644 /* * See strtoq for comments as to the logic used. -@@ -67,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base, +@@ -69,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base, s = nptr; do { c = *s++; @@ -130,12 +140,9 @@ index dc40e0e..1eb9257 100644 if (c == '-') { neg = 1; c = *s++; -@@ -119,13 +105,8 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base, - noconv: - errno = EINVAL; +@@ -123,11 +107,6 @@ noconv: } else if (neg) -- acc = -acc; -+ acc = (unsigned long long) -(long long)acc; + acc = -acc; if (endptr != NULL) - *endptr = (char *)(any ? s - 1 : nptr); + *endptr = const_cast(any ? s - 1 : nptr); @@ -147,5 +154,5 @@ index dc40e0e..1eb9257 100644 - return strtoull_l(nptr, endptr, base, __get_locale()); -} -- -2.1.4 +2.25.1 diff --git a/src/3rdparty/freebsd/strtoll.c b/src/3rdparty/freebsd/strtoll.c index 7b4505eddc..89da83425d 100644 --- a/src/3rdparty/freebsd/strtoll.c +++ b/src/3rdparty/freebsd/strtoll.c @@ -127,7 +127,7 @@ qt_strtoll(const char * nptr, char **endptr, int base) noconv: errno = EINVAL; } else if (neg) - acc = (unsigned long long) -(long long)acc; + acc = -acc; if (endptr != NULL) *endptr = const_cast(any ? s - 1 : nptr); return (acc); diff --git a/src/3rdparty/freebsd/strtoull.c b/src/3rdparty/freebsd/strtoull.c index 1eb92578d4..cf151691ad 100644 --- a/src/3rdparty/freebsd/strtoull.c +++ b/src/3rdparty/freebsd/strtoull.c 
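Review bot: The restored `acc = -acc;` under `} else if (neg)` avoids signed overflow only because acc is unsigned (the C4146 text quoted in the qlocale_tools.cpp hunk confirms the operand type), and nothing at the line says the unsigned negation is deliberate. The removed form `-(long long)acc` negates a signed value, which overflows when the parsed magnitude is 2^63, and it could come back as a well-meant fix for the compiler warning. I would add a comment above the line, for example `/* acc is unsigned: negation wraps modulo 2^64; do not cast to a signed type first */`, and the same in the strtoull.c hunk at `@@ -105,7 +105,7 @@`. No regression test is visible in this commit; one that parses "-9223372036854775808" would pin the boundary case. The declaration of acc and the rest of qt_strtoll lie outside the hunk.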
@@ -105,7 +105,7 @@ qt_strtoull(const char * nptr, char **endptr, int base) noconv: errno = EINVAL; } else if (neg) - acc = (unsigned long long) -(long long)acc; + acc = -acc; if (endptr != NULL) *endptr = const_cast(any ? s - 1 : nptr); return (acc); diff --git a/src/corelib/tools/qlocale_tools.cpp b/src/corelib/tools/qlocale_tools.cpp index 38af8038ee..c5c495c8a3 100644 --- a/src/corelib/tools/qlocale_tools.cpp +++ b/src/corelib/tools/qlocale_tools.cpp @@ -70,8 +70,12 @@ QT_BEGIN_NAMESPACE +QT_WARNING_PUSH + /* "unary minus operator applied to unsigned type, result still unsigned" */ +QT_WARNING_DISABLE_MSVC(4146) #include "../../3rdparty/freebsd/strtoull.c" #include "../../3rdparty/freebsd/strtoll.c" +QT_WARNING_POP QT_CLOCALE_HOLDER -- cgit v1.2.3
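Review bot: The C4146 suppression between `QT_WARNING_PUSH` and `QT_WARNING_POP` covers every line of both included files, so on MSVC it would also silence a later, unintended unary minus on an unsigned value anywhere in strtoull.c or strtoll.c. The added comment quotes the warning text but does not say why the warning is expected here. I would reword it to name the construct it is meant for, for example `/* C4146: strto(u)ll.c negate the unsigned accumulator on purpose (acc = -acc) */`, so a reader can tell when the suppression is no longer needed.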