Source-Changes-HG archive


[src/trunk]: src Add negative offset checks to fseeko



details:   https://anonhg.NetBSD.org/src/rev/9ae80fedae71
branches:  trunk
changeset: 333101:9ae80fedae71
user:      justin <justin%NetBSD.org@localhost>
date:      Sun Oct 19 11:17:43 2014 +0000

description:
Add negative offset checks to fseeko

These were not strictly needed before, as lseek would error on negative
arguments, but having added open_memstream we have a virtual file pointer
that assumes that it gets sane values, so we get an assertion triggered
on a negative value. Best to check in one place rather than at all the
relevant points.

diffstat:

 lib/libc/stdio/fseeko.c                 |  14 ++++++++++++--
 tests/lib/libc/stdio/t_open_memstream.c |   3 ++-
 2 files changed, 14 insertions(+), 3 deletions(-)

diffs (60 lines):

diff -r fb354a32ffdb -r 9ae80fedae71 lib/libc/stdio/fseeko.c
--- a/lib/libc/stdio/fseeko.c   Sun Oct 19 09:39:33 2014 +0000
+++ b/lib/libc/stdio/fseeko.c   Sun Oct 19 11:17:43 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: fseeko.c,v 1.12 2012/03/27 15:05:42 christos Exp $     */
+/*     $NetBSD: fseeko.c,v 1.13 2014/10/19 11:17:43 justin Exp $       */
 
 /*-
  * Copyright (c) 1990, 1993
@@ -34,7 +34,7 @@
 
 #include <sys/cdefs.h>
 #if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: fseeko.c,v 1.12 2012/03/27 15:05:42 christos Exp $");
+__RCSID("$NetBSD: fseeko.c,v 1.13 2014/10/19 11:17:43 justin Exp $");
 #endif /* LIBC_SCCS and not lint */
 
 #include "namespace.h"
@@ -115,11 +115,21 @@
                        curoff += fp->_p - fp->_bf._base;
 
                offset += curoff;
+               if (offset < 0) {
+                       errno = EINVAL;
+                       FUNLOCKFILE(fp);
+                       return -1;
+               }       
                whence = SEEK_SET;
                havepos = 1;
                break;
 
        case SEEK_SET:
+               if (offset < 0) {
+                       errno = EINVAL;
+                       FUNLOCKFILE(fp);
+                       return -1;
+               }
        case SEEK_END:
                curoff = 0;             /* XXX just to keep gcc quiet */
                havepos = 0;
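Review bot: In the SEEK_CUR branch the new `offset < 0` test runs after `offset += curoff`, so a large positive offset that overflows off_t is undefined behaviour rather than a reliably detected error. Testing the bound before the addition (reject when `offset > 0` and `curoff` is greater than the largest off_t value minus `offset`) would make the check independent of wrap-around. The SEEK_SET check now sits directly above `case SEEK_END:` with no marker, so a `/* FALLTHROUGH */` comment after its closing brace would show the fall-through is intended. SEEK_END with a negative offset is not validated in the visible lines; the rest of fseeko lies outside this hunk, so it should be confirmed that the resulting position is checked there before it reaches the memstream seek routine that the description says asserts on negative values.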
diff -r fb354a32ffdb -r 9ae80fedae71 tests/lib/libc/stdio/t_open_memstream.c
--- a/tests/lib/libc/stdio/t_open_memstream.c   Sun Oct 19 09:39:33 2014 +0000
+++ b/tests/lib/libc/stdio/t_open_memstream.c   Sun Oct 19 11:17:43 2014 +0000
@@ -16,7 +16,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: t_open_memstream.c,v 1.1 2014/10/15 21:55:34 justin Exp $");
+__RCSID("$NetBSD: t_open_memstream.c,v 1.2 2014/10/19 11:17:43 justin Exp $");
 
 #include <atf-c.h>
 #include <err.h>
@@ -53,6 +53,7 @@
        ATF_CHECK(fflush(fp) == 0);
        ATF_CHECK(size == 0);
        ATF_CHECK(buf != (char *)0xff);
+       ATF_CHECK(fseek(fp, -6, SEEK_SET) == -1);
        ATF_CHECK(fseek(fp, OFFSET, SEEK_SET) == 0);
        ATF_CHECK(fprintf(fp, hello) != EOF);
        ATF_CHECK(fflush(fp) != EOF);
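Review bot: The added assertion only checks that the negative SEEK_SET seek returns -1, so it would also pass if the call failed for some other reason. Pinning the error code with `ATF_CHECK(errno == EINVAL);` directly after it would tie the test to the new check (this needs `<errno.h>`, and the include list is only partly visible here). The SEEK_CUR branch added in fseeko.c has no coverage in this hunk; a companion line such as `ATF_CHECK(fseek(fp, -6, SEEK_CUR) == -1);` would exercise it, assuming the stream position is still below 6 at that point. The test function starts and ends outside the hunk.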


