Sanitize type 'size' parameters in our read/write file code

This patch tries to sanitize the types of our size parameters across our read and write code, which is currently fairly inconsistent (using `int`, `uint`, `size_t`...), by using `size_t` everywhere. Since in Blender file themselves we can only store chunk of size `MAX_INT`, added some asserts to ensure that as well. See {T79561} for details. Differential Revision: https://developer.blender.org/D8672
author: Bastien Montagne <bastien@blender.org> 2020-09-20 19:41:50 +0300
committer: Bastien Montagne <bastien@blender.org> 2020-09-20 19:41:50 +0300
commit: 5ea1049e7520c0f369d2a76811410b1274699e81 (patch)
tree: 5d7f5158b8c329b9a7e3b0fa5aa6ac2ce65701a1 /source/blender/blenloader/intern/writefile.c
parent: 86c5d1f4aa07551b289619da501889a172a39e03 (diff)
1 files changed, 39 insertions, 29 deletions
diff --git a/source/blender/blenloader/intern/writefile.c b/source/blender/blenloader/intern/writefile.c
index 8dc661e6c85..db51bb79f41 100644
--- a/source/blender/blenloader/intern/writefile.c
+++ b/source/blender/blenloader/intern/writefile.c
@@ -297,7 +297,7 @@ typedef struct {
   /** Use for file and memory writing (fixed size of #MYWRITE_BUFFER_SIZE). */
   uchar *buf;
   /** Number of bytes used in #WriteData.buf (flushed when exceeded). */
-  int buf_used_len;
+  size_t buf_used_len;
 
 #ifdef USE_WRITE_DATA_LEN
   /** Total number of bytes written. */
@@ -339,12 +339,17 @@ static WriteData *writedata_new(WriteWrap *ww)
   return wd;
 }
 
-static void writedata_do_write(WriteData *wd, const void *mem, int memlen)
+static void writedata_do_write(WriteData *wd, const void *mem, size_t memlen)
 {
   if ((wd == NULL) || wd->error || (mem == NULL) || memlen < 1) {
     return;
   }
 
+  if (memlen > INT_MAX) {
+    BLI_assert(!"Cannot write chunks bigger than INT_MAX.");
+    return;
+  }
+
   if (UNLIKELY(wd->error)) {
     return;
   }
@@ -380,7 +385,7 @@ static void writedata_free(WriteData *wd)
  */
 static void mywrite_flush(WriteData *wd)
 {
-  if (wd->buf_used_len) {
+  if (wd->buf_used_len != 0) {
     writedata_do_write(wd, wd->buf, wd->buf_used_len);
     wd->buf_used_len = 0;
   }
@@ -391,7 +396,7 @@ static void mywrite_flush(WriteData *wd)
  * \param adr: Pointer to new chunk of data
  * \param len: Length of new chunk of data
  */
-static void mywrite(WriteData *wd, const void *adr, int len)
+static void mywrite(WriteData *wd, const void *adr, size_t len)
 {
   if (UNLIKELY(wd->error)) {
     return;
@@ -413,13 +418,13 @@ static void mywrite(WriteData *wd, const void *adr, int len)
     /* if we have a single big chunk, write existing data in
      * buffer and write out big chunk in smaller pieces */
     if (len > MYWRITE_MAX_CHUNK) {
-      if (wd->buf_used_len) {
+      if (wd->buf_used_len != 0) {
         writedata_do_write(wd, wd->buf, wd->buf_used_len);
         wd->buf_used_len = 0;
       }
 
       do {
-        int writelen = MIN2(len, MYWRITE_MAX_CHUNK);
+        size_t writelen = MIN2(len, MYWRITE_MAX_CHUNK);
         writedata_do_write(wd, adr, writelen);
         adr = (const char *)adr + writelen;
         len -= writelen;
@@ -467,7 +472,7 @@ static WriteData *mywrite_begin(WriteWrap *ww, MemFile *compare, MemFile *curren
  */
 static bool mywrite_end(WriteData *wd)
 {
-  if (wd->buf_used_len) {
+  if (wd->buf_used_len != 0) {
     writedata_do_write(wd, wd->buf, wd->buf_used_len);
     wd->buf_used_len = 0;
   }
@@ -557,7 +562,7 @@ static void writestruct_at_address_nr(
   }
 
   mywrite(wd, &bh, sizeof(BHead));
-  mywrite(wd, data, bh.len);
+  mywrite(wd, data, (size_t)bh.len);
 }
 
 static void writestruct_nr(
@@ -567,7 +572,7 @@ static void writestruct_nr(
 }
 
 /* do not use for structs */
-static void writedata(WriteData *wd, int filecode, int len, const void *adr)
+static void writedata(WriteData *wd, int filecode, size_t len, const void *adr)
 {
   BHead bh;
 
@@ -575,15 +580,20 @@ static void writedata(WriteData *wd, int filecode, int len, const void *adr)
     return;
   }
 
+  if (len > INT_MAX) {
+    BLI_assert(!"Cannot write chunks bigger than INT_MAX.");
+    return;
+  }
+
   /* align to 4 (writes uninitialized bytes in some cases) */
-  len = (len + 3) & ~3;
+  len = (len + 3) & ~((size_t)3);
 
   /* init BHead */
   bh.code = filecode;
   bh.old = adr;
   bh.nr = 1;
   bh.SDNAnr = 0;
-  bh.len = len;
+  bh.len = (int)len;
 
   mywrite(wd, &bh, sizeof(BHead));
   mywrite(wd, adr, len);
@@ -1679,10 +1689,10 @@ static void write_scene(BlendWriter *writer, Scene *sce, const void *id_address)
   if (sce->r.avicodecdata) {
     BLO_write_struct(writer, AviCodecData, sce->r.avicodecdata);
     if (sce->r.avicodecdata->lpFormat) {
-      BLO_write_raw(writer, sce->r.avicodecdata->cbFormat, sce->r.avicodecdata->lpFormat);
+      BLO_write_raw(writer, (size_t)sce->r.avicodecdata->cbFormat, sce->r.avicodecdata->lpFormat);
     }
     if (sce->r.avicodecdata->lpParms) {
-      BLO_write_raw(writer, sce->r.avicodecdata->cbParms, sce->r.avicodecdata->lpParms);
+      BLO_write_raw(writer, (size_t)sce->r.avicodecdata->cbParms, sce->r.avicodecdata->lpParms);
     }
   }
   if (sce->r.ffcodecdata.properties) {
@@ -1947,7 +1957,7 @@ static void write_area_regions(BlendWriter *writer, ScrArea *area)
       LISTBASE_FOREACH (ConsoleLine *, cl, &con->history) {
         /* 'len_alloc' is invalid on write, set from 'len' on read */
         BLO_write_struct(writer, ConsoleLine, cl);
-        BLO_write_raw(writer, cl->len + 1, cl->line);
+        BLO_write_raw(writer, (size_t)cl->len + 1, cl->line);
       }
       BLO_write_struct(writer, SpaceConsole, sl);
     }
@@ -2411,7 +2421,7 @@ static bool write_file_handle(Main *mainvar,
    *
    * Note that we *borrow* the pointer to 'DNAstr',
    * so writing each time uses the same address and doesn't cause unnecessary undo overhead. */
-  writedata(wd, DNA1, wd->sdna->data_len, wd->sdna->data);
+  writedata(wd, DNA1, (size_t)wd->sdna->data_len, wd->sdna->data);
 
   /* end of file */
   memset(&bhead, 0, sizeof(BHead));
@@ -2632,7 +2642,7 @@ bool BLO_write_file_mem(Main *mainvar, MemFile *compare, MemFile *current, int w
   return (err == 0);
 }
 
-void BLO_write_raw(BlendWriter *writer, int size_in_bytes, const void *data_ptr)
+void BLO_write_raw(BlendWriter *writer, size_t size_in_bytes, const void *data_ptr)
 {
   writedata(writer->wd, DATA, size_in_bytes, data_ptr);
 }
@@ -2708,38 +2718,38 @@ int BLO_get_struct_id_by_name(BlendWriter *writer, const char *struct_name)
   return struct_id;
 }
 
-void BLO_write_int32_array(BlendWriter *writer, int size, const int32_t *data_ptr)
+void BLO_write_int32_array(BlendWriter *writer, uint num, const int32_t *data_ptr)
 {
-  BLO_write_raw(writer, sizeof(int32_t) * size, data_ptr);
+  BLO_write_raw(writer, sizeof(int32_t) * (size_t)num, data_ptr);
 }
 
-void BLO_write_uint32_array(BlendWriter *writer, int size, const uint32_t *data_ptr)
+void BLO_write_uint32_array(BlendWriter *writer, uint num, const uint32_t *data_ptr)
 {
-  BLO_write_raw(writer, sizeof(uint32_t) * size, data_ptr);
+  BLO_write_raw(writer, sizeof(uint32_t) * (size_t)num, data_ptr);
 }
 
-void BLO_write_float_array(BlendWriter *writer, int size, const float *data_ptr)
+void BLO_write_float_array(BlendWriter *writer, uint num, const float *data_ptr)
 {
-  BLO_write_raw(writer, sizeof(float) * size, data_ptr);
+  BLO_write_raw(writer, sizeof(float) * (size_t)num, data_ptr);
 }
 
-void BLO_write_pointer_array(BlendWriter *writer, int size, const void *data_ptr)
+void BLO_write_pointer_array(BlendWriter *writer, uint num, const void *data_ptr)
 {
-  BLO_write_raw(writer, sizeof(void *) * size, data_ptr);
+  BLO_write_raw(writer, sizeof(void *) * (size_t)num, data_ptr);
 }
 
-void BLO_write_float3_array(BlendWriter *writer, int size, const float *data_ptr)
+void BLO_write_float3_array(BlendWriter *writer, uint num, const float *data_ptr)
 {
-  BLO_write_raw(writer, sizeof(float[3]) * size, data_ptr);
+  BLO_write_raw(writer, sizeof(float[3]) * (size_t)num, data_ptr);
 }
 
 /**
  * Write a null terminated string.
  */
-void BLO_write_string(BlendWriter *writer, const char *str)
+void BLO_write_string(BlendWriter *writer, const char *data_ptr)
 {
-  if (str != NULL) {
-    BLO_write_raw(writer, strlen(str) + 1, str);
+  if (data_ptr != NULL) {
+    BLO_write_raw(writer, strlen(data_ptr) + 1, data_ptr);
   }
 }
author	Bastien Montagne <bastien@blender.org>	2020-09-20 19:41:50 +0300
committer	Bastien Montagne <bastien@blender.org>	2020-09-20 19:41:50 +0300
commit	5ea1049e7520c0f369d2a76811410b1274699e81 (patch)
tree	5d7f5158b8c329b9a7e3b0fa5aa6ac2ce65701a1 /source/blender/blenloader/intern/writefile.c
parent	86c5d1f4aa07551b289619da501889a172a39e03 (diff)