Cleaned up overflow checks in platform memory allocators (thanks to Nicolas

Lebedenco for pointing out the original issue with long long literals).

CHANGELOG

@@ -2,6 +2,9 @@
  * CHANGELOG.
  */
 
+01012006 - Cleaned up overflow checks in platform memory allocators (thanks to
+           Nicolas Lebedenco for pointing out the original issue with
+           long long literals).
 11282005 - Corrected docs on PHYSFS_setWriteDir().
 10122005 - Fixed locateInStringList() in physfs.c (thanks, Matze!). Patched
            archivers/wad.c to compile.

physfs_internal.h

@@ -1253,6 +1253,23 @@ void __PHYSFS_sort(void *entries, PHYSFS_uint32 max,
 #define GOTO_MACRO_MUTEX(e, m, g) { __PHYSFS_setError(e); __PHYSFS_platformReleaseMutex(m); goto g; }
 #define GOTO_IF_MACRO_MUTEX(c, e, m, g) if (c) { __PHYSFS_setError(e); __PHYSFS_platformReleaseMutex(m); goto g; }
 
+#ifdef __GNUC__
+#define LONGLONGLITERAL(x) x##LL
+#else
+#define LONGLONGLITERAL(x) x
+#endif
+
+/*
+ * Check if a ui64 will fit in the platform's address space.
+ *  The initial sizeof check will optimize this macro out entirely on
+ *  64-bit (and larger?!) platforms, and the other condition will
+ *  return zero or non-zero if the variable will fit in the platform's
+ *  size_t, suitable to pass to malloc. This is kinda messy, but effective.
+ */
+#define __PHYSFS_ui64FitsAddressSpace(s) ( \
+    (sizeof (PHYSFS_uint64) > sizeof (size_t)) && \
+    ((s) > (LONGLONGLITERAL(0xFFFFFFFFFFFFFFFF) >> (64-(sizeof(size_t)*8)))) \
+)
 
 /*
  * The current allocator. Not valid before PHYSFS_init is called!

platform/macclassic.c

@@ -944,9 +944,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -954,9 +952,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

platform/os2.c

@@ -757,9 +757,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -767,9 +765,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

platform/pocketpc.c

@@ -675,9 +675,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -685,9 +683,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

platform/posix.c

@@ -517,9 +517,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -527,9 +525,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

platform/skeleton.c

@@ -249,9 +249,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -259,9 +257,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */

platform/win32.c

@@ -1125,9 +1125,7 @@ void __PHYSFS_platformAllocatorDeinit(void)
 
 void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef malloc
     return(malloc((size_t) s));
 } /* __PHYSFS_platformMalloc */
@@ -1135,9 +1133,7 @@ void *__PHYSFS_platformAllocatorMalloc(PHYSFS_uint64 s)
 
 void *__PHYSFS_platformAllocatorRealloc(void *ptr, PHYSFS_uint64 s)
 {
-    /* make sure s isn't larger than the address space of the platform... */
+    BAIL_IF_MACRO(__PHYSFS_ui64FitsAddressSpace(s), ERR_OUT_OF_MEMORY, NULL);
-    if ( s > (0xFFFFFFFFFFFFFFFF >> (64-(sizeof (size_t) * 8))) )
-        BAIL_MACRO(ERR_OUT_OF_MEMORY, NULL);
     #undef realloc
     return(realloc(ptr, (size_t) s));
 } /* __PHYSFS_platformRealloc */