summaryrefslogtreecommitdiffabout
path: root/src/findkey.c
authorSergey Poznyakoff <gray@gnu.org>2018-05-24 08:35:24 (GMT)
committer Sergey Poznyakoff <gray@gnu.org>2018-05-24 08:35:24 (GMT)
commit371bb85fe378ffd0ed6ddc81985d450cef5835a3 (patch) (side-by-side diff)
tree6ab2d142b7aa1f9b29ec50b891c8293774964209 /src/findkey.c
parentf82d0b213fd2cdce80dc891906fba8d589115664 (diff)
downloadgdbm-371bb85fe378ffd0ed6ddc81985d450cef5835a3.tar.gz
gdbm-371bb85fe378ffd0ed6ddc81985d450cef5835a3.tar.bz2
More error checking; improve gdbm_recover
* Makefile.am (set-dist-date): New rule (dist-hook): Catch FIXMEs in NEWS. * NEWS: Updated. * src/findkey.c (gdbm_bucket_element_valid_p): New function. (_gdbm_read_entry): Validate the retrieved bucket element. * src/gdbm.h.in (gdbm_recovery): New member: duplicate_keys. (GDBM_BAD_HASH_TABLE): New error code. * src/gdbmdefs.h (TYPE_WIDTH,SIGNED_TYPE_MAXIMUM) (OFF_T_MAX): New defines. (off_t_sum_ok): New function. (gdbm_bucket_element_valid_p): New prototype. * src/gdbmerrno.c: Support for GDBM_BAD_HASH_TABLE code. * src/gdbmtool.c (recover_handler): Fix argument counting. New argument 'summary' prints statistics summary at the end of the run. (export_handler,import_handler): Fix argument counting. * src/mmap.c (SUM_FILE_SIZE): Rewrite as inlined function. Add error checking. (_gdbm_mapped_remap): More error checking. * src/recover.c (run_recovery): Don't bail out on GDBM_CANNOT_REPLACE. (gdbm_recover): Initialize duplicate_keys * src/systems.h: Include limits.h
Diffstat (limited to 'src/findkey.c') (more/less context) (show whitespace changes)
-rw-r--r--src/findkey.c20
1 files changed, 20 insertions, 0 deletions
diff --git a/src/findkey.c b/src/findkey.c
index 7638b04..bd9fd83 100644
--- a/src/findkey.c
+++ b/src/findkey.c
@@ -19,12 +19,26 @@
/* Include system configuration before all else. */
#include "autoconf.h"
#include "gdbmdefs.h"
+int
+gdbm_bucket_element_valid_p (GDBM_FILE dbf, int elem_loc)
+{
+ return
+ elem_loc < dbf->header->bucket_elems
+ && dbf->bucket->h_table[elem_loc].hash_value != -1
+ && dbf->bucket->h_table[elem_loc].key_size >= 0
+ && off_t_sum_ok (dbf->bucket->h_table[elem_loc].data_pointer,
+ dbf->bucket->h_table[elem_loc].key_size)
+ && dbf->bucket->h_table[elem_loc].data_size >= 0
+ && off_t_sum_ok (dbf->bucket->h_table[elem_loc].data_pointer
+ + dbf->bucket->h_table[elem_loc].key_size,
+ dbf->bucket->h_table[elem_loc].data_size);
+}
/* Read the data found in bucket entry ELEM_LOC in file DBF and
return a pointer to it. Also, cache the read value. */
char *
_gdbm_read_entry (GDBM_FILE dbf, int elem_loc)
@@ -36,12 +50,18 @@ _gdbm_read_entry (GDBM_FILE dbf, int elem_loc)
data_cache_elem *data_ca;
/* Is it already in the cache? */
if (dbf->cache_entry->ca_data.elem_loc == elem_loc)
return dbf->cache_entry->ca_data.dptr;
+ if (!gdbm_bucket_element_valid_p (dbf, elem_loc))
+ {
+ GDBM_SET_ERRNO (dbf, GDBM_BAD_HASH_TABLE, TRUE);
+ return NULL;
+ }
+
/* Set sizes and pointers. */
key_size = dbf->bucket->h_table[elem_loc].key_size;
data_size = dbf->bucket->h_table[elem_loc].data_size;
data_ca = &dbf->cache_entry->ca_data;
/* Set up the cache. */

Return to:

Send suggestions and report system problems to the System administrator.