Revert changes in strto(u)ll.c to avoid integer overflows

Found in oss-fuzz issue 26045. Pick-to: 5.12 5.15 Change-Id: Id9eac1b4f67ad9bbe2d92dd69cd03338a6ced74e Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2020-10-22 21:40:20 +02:00 · 2020-10-22 21:40:20 +02:00 · 2096400d6e
commit 2096400d6e
parent dc44e4a35e
4 changed files with 36 additions and 25 deletions
--- a/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch
+++ b/src/3rdparty/freebsd/0001-Patch-the-FreeBSD-strto-u-ll-functions-to-work-insid.patch
@ -11,16 +11,22 @@ Changes:
 - remove the locale_t parameter and use ascii_isspace instead of isspace_l
 - fix compilation with -Wcast-qual (requires C++)

---
- src/3rdparty/freebsd/strtoll.c  | 27 ++++-----------------------
- src/3rdparty/freebsd/strtoull.c | 27 ++++-----------------------
- 2 files changed, 8 insertions(+), 46 deletions(-)
+ src/3rdparty/freebsd/strtoll.c  | 27 +++------------------------
+ src/3rdparty/freebsd/strtoull.c | 27 +++------------------------
+ 2 files changed, 6 insertions(+), 48 deletions(-)

 diff --git a/src/3rdparty/freebsd/strtoll.c b/src/3rdparty/freebsd/strtoll.c
-index 16a8196..7b4505e 100644
+index c87aefb1cd..89da83425d 100644
 --- a/src/3rdparty/freebsd/strtoll.c
 +++ b/src/3rdparty/freebsd/strtoll.c
-@@ -32,18 +32,6 @@
+@@ -1,6 +1,4 @@
+ /*-
+- * SPDX-License-Identifier: BSD-3-Clause
+- *
+  * Copyright (c) 1992, 1993
+  *	The Regents of the University of California.  All rights reserved.
+  *
+@@ -34,18 +32,6 @@
  * SUCH DAMAGE.
  */
 
@ -39,7 +45,7 @@ index 16a8196..7b4505e 100644
 /*
  * Convert a string to a long long integer.
  *
-@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$");
+@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$");
  * alphabets and digits are each contiguous.
  */
 long long
@ -56,7 +62,7 @@ index 16a8196..7b4505e 100644
 
 	/*
 	 * Skip white space and pick up leading +/- sign if any.
-@@ -69,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
+@@ -71,7 +55,7 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
 	s = nptr;
 	do {
 		c = *s++;
@ -65,12 +71,9 @@ index 16a8196..7b4505e 100644
 	if (c == '-') {
 		neg = 1;
 		c = *s++;
-@@ -141,13 +127,8 @@ strtoll_l(const char * __restrict nptr, char ** __restrict endptr, int base,
- noconv:
- 		errno = EINVAL;
+@@ -145,11 +129,6 @@ noconv:
 	} else if (neg)
-		acc = -acc;
-+		acc = (unsigned long long) -(long long)acc;
+ 		acc = -acc;
 	if (endptr != NULL)
 -		*endptr = (char *)(any ? s - 1 : nptr);
 +                *endptr = const_cast<char *>(any ? s - 1 : nptr);
@ -82,10 +85,17 @@ index 16a8196..7b4505e 100644
 -	return strtoll_l(nptr, endptr, base, __get_locale());
 -}
 diff --git a/src/3rdparty/freebsd/strtoull.c b/src/3rdparty/freebsd/strtoull.c
-index dc40e0e..1eb9257 100644
+index 58a9b23b56..cf151691ad 100644
 --- a/src/3rdparty/freebsd/strtoull.c
 +++ b/src/3rdparty/freebsd/strtoull.c
-@@ -32,18 +32,6 @@
+@@ -1,6 +1,4 @@
+ /*-
+- * SPDX-License-Identifier: BSD-3-Clause
+- *
+  * Copyright (c) 1992, 1993
+  *	The Regents of the University of California.  All rights reserved.
+  *
+@@ -34,18 +32,6 @@
  * SUCH DAMAGE.
  */
 
@ -104,7 +114,7 @@ index dc40e0e..1eb9257 100644
 /*
  * Convert a string to an unsigned long long integer.
  *
-@@ -51,15 +39,13 @@ __FBSDID("$FreeBSD$");
+@@ -53,15 +39,13 @@ __FBSDID("$FreeBSD$");
  * alphabets and digits are each contiguous.
  */
 unsigned long long
@ -121,7 +131,7 @@ index dc40e0e..1eb9257 100644
 
 	/*
 	 * See strtoq for comments as to the logic used.
-@@ -67,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
+@@ -69,7 +53,7 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
 	s = nptr;
 	do {
 		c = *s++;
@ -130,12 +140,9 @@ index dc40e0e..1eb9257 100644
 	if (c == '-') {
 		neg = 1;
 		c = *s++;
-@@ -119,13 +105,8 @@ strtoull_l(const char * __restrict nptr, char ** __restrict endptr, int base,
- noconv:
- 		errno = EINVAL;
+@@ -123,11 +107,6 @@ noconv:
 	} else if (neg)
-		acc = -acc;
-+		acc = (unsigned long long) -(long long)acc;
+ 		acc = -acc;
 	if (endptr != NULL)
 -		*endptr = (char *)(any ? s - 1 : nptr);
 +                *endptr = const_cast<char *>(any ? s - 1 : nptr);
@ -147,5 +154,5 @@ index dc40e0e..1eb9257 100644
 -	return strtoull_l(nptr, endptr, base, __get_locale());
 -}
 -- 
-2.1.4
+2.25.1

--- a/src/3rdparty/freebsd/strtoll.c
+++ b/src/3rdparty/freebsd/strtoll.c
@ -127,7 +127,7 @@ qt_strtoll(const char * nptr, char **endptr, int base)
 noconv:
 		errno = EINVAL;
 	} else if (neg)
-		acc = (unsigned long long) -(long long)acc;
+		acc = -acc;
 	if (endptr != NULL)
                *endptr = const_cast<char *>(any ? s - 1 : nptr);
 	return (acc);
--- a/src/3rdparty/freebsd/strtoull.c
+++ b/src/3rdparty/freebsd/strtoull.c
@ -105,7 +105,7 @@ qt_strtoull(const char * nptr, char **endptr, int base)
 noconv:
 		errno = EINVAL;
 	} else if (neg)
-		acc = (unsigned long long) -(long long)acc;
+		acc = -acc;
 	if (endptr != NULL)
                *endptr = const_cast<char *>(any ? s - 1 : nptr);
 	return (acc);
--- a/src/corelib/text/qlocale_tools.cpp
+++ b/src/corelib/text/qlocale_tools.cpp
@ -70,8 +70,12 @@

 QT_BEGIN_NAMESPACE

+QT_WARNING_PUSH
+    /* "unary minus operator applied to unsigned type, result still unsigned" */
+QT_WARNING_DISABLE_MSVC(4146)
 #include "../../3rdparty/freebsd/strtoull.c"
 #include "../../3rdparty/freebsd/strtoll.c"
+QT_WARNING_POP

 QT_CLOCALE_HOLDER