From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Rob Browning <rlb@defaultvalue.org>
Newsgroups: gmane.lisp.guile.devel
Subject: [PATCH 1/1] fports: handle revealed as unsigned everywhere and check
 range
Date: Sat, 19 Sep 2020 20:58:54 -0500
Message-ID: <20200920015854.2229195-1-rlb@defaultvalue.org>
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="30527"; mail-complaints-to="usenet@ciao.gmane.io"
To: guile-devel@gnu.org
Original-X-From: guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org Sun Sep 20 03:59:11 2020
Return-path: <guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org>
Envelope-to: guile-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org>)
	id 1kJodC-0007mm-T5
	for guile-devel@m.gmane-mx.org; Sun, 20 Sep 2020 03:59:10 +0200
Original-Received: from localhost ([::1]:33220 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org>)
	id 1kJodB-0004hb-8y
	for guile-devel@m.gmane-mx.org; Sat, 19 Sep 2020 21:59:09 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:56122)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <rlb@defaultvalue.org>)
 id 1kJod2-0004hQ-43
 for guile-devel@gnu.org; Sat, 19 Sep 2020 21:59:00 -0400
Original-Received: from defaultvalue.org ([45.33.119.55]:37528)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <rlb@defaultvalue.org>) id 1kJod0-00062m-DV
 for guile-devel@gnu.org; Sat, 19 Sep 2020 21:58:59 -0400
Original-Received: from trouble.defaultvalue.org (localhost [127.0.0.1])
 (Authenticated sender: rlb@defaultvalue.org)
 by defaultvalue.org (Postfix) with ESMTPSA id B2B9F2023E
 for <guile-devel@gnu.org>; Sat, 19 Sep 2020 20:58:54 -0500 (CDT)
Original-Received: by trouble.defaultvalue.org (Postfix, from userid 1000)
 id 394F414E072; Sat, 19 Sep 2020 20:58:54 -0500 (CDT)
X-Mailer: git-send-email 2.26.1
Received-SPF: pass client-ip=45.33.119.55; envelope-from=rlb@defaultvalue.org;
 helo=defaultvalue.org
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/19 21:58:55
X-ACL-Warn: Detected OS   = Linux 2.2.x-3.x [generic] [fuzzy]
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: guile-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Developers list for Guile,
 the GNU extensibility library" <guile-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guile-devel>,
 <mailto:guile-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guile-devel>
List-Post: <mailto:guile-devel@gnu.org>
List-Help: <mailto:guile-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guile-devel>,
 <mailto:guile-devel-request@gnu.org?subject=subscribe>
Errors-To: guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org
Original-Sender: "guile-devel" <guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org>
Xref: news.gmane.io gmane.lisp.guile.devel:20587
Archived-At: <http://permalink.gmane.org/gmane.lisp.guile.devel/20587>

The type is currently unsigned int, so respect that everywhere, and
range check the adjustments.  Note that this changes the ABI of
scm_revealed_count().

---

 If we don't want to change the ABI, then I imagine we could leave
 both scm_revealed_count and the data structure the same, and add some
 additional complexity to make sure we always stick within the
 intersection of the int and unsigned int domains on the current
 platform.

 libguile/fports.c | 14 ++++++++------
 libguile/fports.h |  2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/libguile/fports.c b/libguile/fports.c
index 4a3c30b88..0a71638e7 100644
--- a/libguile/fports.c
+++ b/libguile/fports.c
@@ -494,7 +494,7 @@ fport_input_waiting (SCM port)
 /* Find a port in the table and return its revealed count.
    Also used by the garbage collector.
  */
-int
+unsigned int
 scm_revealed_count (SCM port)
 {
   return SCM_REVEALED (port);
@@ -507,7 +507,7 @@ SCM_DEFINE (scm_port_revealed, "port-revealed", 1, 0, 0,
 {
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
-  return scm_from_int (scm_revealed_count (port));
+  return scm_from_uint (scm_revealed_count (port));
 }
 #undef FUNC_NAME
 
@@ -518,12 +518,12 @@ SCM_DEFINE (scm_set_port_revealed_x, "set-port-revealed!", 2, 0, 0,
 	    "The return value is unspecified.")
 #define FUNC_NAME s_scm_set_port_revealed_x
 {
-  int r;
+  unsigned int r;
 
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
 
-  r = scm_to_int (rcount);
+  r = scm_to_uint (rcount);
   SCM_REVEALED (port) = r;
 
   return SCM_UNSPECIFIED;
@@ -537,12 +537,14 @@ SCM_DEFINE (scm_adjust_port_revealed_x, "adjust-port-revealed!", 2, 0, 0,
 	    "The return value is unspecified.")
 #define FUNC_NAME s_scm_adjust_port_revealed_x
 {
-  int a;
+  unsigned int a;
 
   port = SCM_COERCE_OUTPORT (port);
   SCM_VALIDATE_OPFPORT (1, port);
 
-  a = scm_to_int (addend);
+  a = scm_to_uint (addend);
+  if (UINT_MAX - a > SCM_REVEALED (port))
+    scm_out_of_range (FUNC_NAME, addend);
   SCM_REVEALED (port) += a;
 
   return SCM_UNSPECIFIED;
diff --git a/libguile/fports.h b/libguile/fports.h
index 3a895775f..aed76ba20 100644
--- a/libguile/fports.h
+++ b/libguile/fports.h
@@ -65,7 +65,7 @@ SCM_API SCM scm_file_port_p (SCM obj);
 
 
 /* Revealed counts.  */
-SCM_API int scm_revealed_count (SCM port);
+SCM_API unsigned int scm_revealed_count (SCM port);
 SCM_API SCM scm_port_revealed (SCM port);
 SCM_API SCM scm_set_port_revealed_x (SCM port, SCM rcount);
 SCM_API SCM scm_adjust_port_revealed_x (SCM port, SCM addend);
-- 
2.26.1