Revert changes in strto(u)ll.c to avoid integer overflows

Found in oss-fuzz issue 26045. Pick-to: 5.12 5.15 Change-Id: Id9eac1b4f67ad9bbe2d92dd69cd03338a6ced74e Reviewed-by: Thiago Macieira <[email protected]>
chain78 · Oct 26, 2020 · 2096400 · 2096400
1 parent dc44e4a
commit 2096400
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 25 deletions.
diff --git a/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch b/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch
@@ -11,16 +11,22 @@ Changes:
  - remove the locale_t parameter and use ascii_isspace instead of isspace_l
  - fix compilation with -Wcast-qual (requires C++)
 
----
- src/3rdparty/freebsd/strtoll.c  | 27 ++++-----------------------
- src/3rdparty/freebsd/strtoull.c | 27 ++++-----------------------
- 2 files changed, 8 insertions(+), 46 deletions(-)
+ src/3rdparty/freebsd/strtoll.c  | 27 +++------------------------
+ src/3rdparty/freebsd/strtoull.c | 27 +++------------------------
+ 2 files changed, 6 insertions(+), 48 deletions(-)
 
 diff --git a/src/3rdparty/freebsd/strtoll.c b/src/3rdparty/freebsd/strtoll.c
-index 16a8196..7b4505e 100644
+index c87aefb1cd..89da83425d 100644
 --- a/src/3rdparty/freebsd/strtoll.c
 +++ b/src/3rdparty/freebsd/strtoll.c
-@@ -32,18 +32,6 @@
+@@ -1,6 +1,4 @@
+ /*-
+- * SPDX-License-Identifier: BSD-3-Clause
+- *
+  * Copyright (c) 1992, 1993
+  *	The Regents of the University of California.  All rights reserved.
+  *
+@@ -34,18 +32,6 @@
   * SUCH DAMAGE.
   */
 
@@ -39,7 +45,7 @@ index 16a8196..7b4505e 100644
  /*
   * Convert a string to a long long integer.
   *
-@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$");
+@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$");
   * alphabets and digits are each contiguous.
   */
  long long
@@ -56,7 +62,7 @@ index 16a8196..7b4505e 100644
 
  	/*
  	 * Skip white space and pick up leading +/- sign if any.
-@@ -69,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
+@@ -71,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
  	s = nptr;
  	do {
  		c = *s++;
@@ -65,12 +71,9 @@ index 16a8196..7b4505e 100644
  	if (c == '-') {
  		neg = 1;
  		c = *s++;
-@@ -141,13 +127,8 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
- noconv:
- 		errno = EINVAL;
+@@ -145,11 +129,6 @@ noconv:
  	} else if (neg)
--		acc = -acc;
-+		acc = (unsigned long long) -(long long)acc;
+ 		acc = -acc;
  	if (endptr != NULL)
 -		*endptr = (char *)(any ? s - 1 : nptr);
 +                *endptr = const_cast<char *>(any ? s - 1 : nptr);
@@ -82,10 +85,17 @@ index 16a8196..7b4505e 100644
 -	return strtoll_l(nptr, endptr, base, __get_locale());
 -}
 diff --git a/src/3rdparty/freebsd/strtoull.c b/src/3rdparty/freebsd/strtoull.c
-index dc40e0e..1eb9257 100644
+index 58a9b23b56..cf151691ad 100644
 --- a/src/3rdparty/freebsd/strtoull.c
 +++ b/src/3rdparty/freebsd/strtoull.c
-@@ -32,18 +32,6 @@
+@@ -1,6 +1,4 @@
+ /*-
+- * SPDX-License-Identifier: BSD-3-Clause
+- *
+  * Copyright (c) 1992, 1993
+  *	The Regents of the University of California.  All rights reserved.
+  *
+@@ -34,18 +32,6 @@
   * SUCH DAMAGE.
   */
 
@@ -104,7 +114,7 @@ index dc40e0e..1eb9257 100644
  /*
   * Convert a string to an unsigned long long integer.
   *
-@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$");
+@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$");
   * alphabets and digits are each contiguous.
   */
  unsigned long long
@@ -121,7 +131,7 @@ index dc40e0e..1eb9257 100644
 
  	/*
  	 * See strtoq for comments as to the logic used.
-@@ -67,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
+@@ -69,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
  	s = nptr;
  	do {
  		c = *s++;
@@ -130,12 +140,9 @@ index dc40e0e..1eb9257 100644
  	if (c == '-') {
  		neg = 1;
  		c = *s++;
-@@ -119,13 +105,8 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
- noconv:
- 		errno = EINVAL;
+@@ -123,11 +107,6 @@ noconv:
  	} else if (neg)
--		acc = -acc;
-+		acc = (unsigned long long) -(long long)acc;
+ 		acc = -acc;
  	if (endptr != NULL)
 -		*endptr = (char *)(any ? s - 1 : nptr);
 +                *endptr = const_cast<char *>(any ? s - 1 : nptr);
@@ -147,5 +154,5 @@ index dc40e0e..1eb9257 100644
 -	return strtoull_l(nptr, endptr, base, __get_locale());
 -}
 -- 
-2.1.4
+2.25.1
 
diff --git a/src/3rdparty/freebsd/strtoll.c b/src/3rdparty/freebsd/strtoll.c
@@ -127,7 +127,7 @@ qt_strtoll(const char * nptr, char **endptr, int base)
 noconv:
 		errno = EINVAL;
 	} else if (neg)
-		acc = (unsigned long long) -(long long)acc;
+		acc = -acc;
 	if (endptr != NULL)
                 *endptr = const_cast<char *>(any ? s - 1 : nptr);
 	return (acc);

diff --git a/src/3rdparty/freebsd/strtoull.c b/src/3rdparty/freebsd/strtoull.c
@@ -105,7 +105,7 @@ qt_strtoull(const char * nptr, char **endptr, int base)
 noconv:
 		errno = EINVAL;
 	} else if (neg)
-		acc = (unsigned long long) -(long long)acc;
+		acc = -acc;
 	if (endptr != NULL)
                 *endptr = const_cast<char *>(any ? s - 1 : nptr);
 	return (acc);

diff --git a/src/corelib/text/qlocale_tools.cpp b/src/corelib/text/qlocale_tools.cpp
@@ -70,8 +70,12 @@
 
 QT_BEGIN_NAMESPACE
 
+QT_WARNING_PUSH
+    /* "unary minus operator applied to unsigned type, result still unsigned" */
+QT_WARNING_DISABLE_MSVC(4146)
 #include "../../3rdparty/freebsd/strtoull.c"
 #include "../../3rdparty/freebsd/strtoll.c"
+QT_WARNING_POP
 
 QT_CLOCALE_HOLDER