Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray...

diff --git a/doas.c b/doas.c
index b47d2bb8c7bbb7593c791b72471be9f144d7371b..ac3a42a3a171cd96680ed34446278f3dc1f8d473 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -139,7 +139,7 @@ static int
 permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr,
     uid_t target, const char *cmd, const char **cmdargs)
 {
-       int i;
+       size_t i;
 
        *lastr = NULL;
        for (i = 0; i < nrules; i++) {

diff --git a/doas.h b/doas.h
index c38fca2de968c017516d847c43b76768237c2384..a8aa41bee6b9ead7e6a8873436852fa2f7054046 100644 (file)
--- a/doas.h
+++ b/doas.h
@@ -26,7 +26,7 @@ struct rule {
 };
 
 extern struct rule **rules;
-extern int nrules;
+extern size_t nrules;
 extern int parse_errors;
 
 extern const char *formerpath;

diff --git a/parse.y b/parse.y
index c50378a5784c0001f2011a12eaa7cc9c101b6e25..85e20cc81b9504686b1446f26ac19f313484e6a1 100644 (file)
--- a/parse.y
+++ b/parse.y
@@ -52,8 +52,8 @@ typedef struct {
 FILE *yyfp;
 
 struct rule **rules;
-int nrules;
-static int maxrules;
+size_t nrules;
+static size_t maxrules;
 
 int parse_errors = 0;
 
@@ -100,12 +100,12 @@ rule:             action ident target cmd {
                        r->cmdargs = $4.cmdargs;
                        if (nrules == maxrules) {
                                if (maxrules == 0)
-                                       maxrules = 63;
-                               else
-                                       maxrules *= 2;
-                               if (!(rules = reallocarray(rules, maxrules,
-                                   sizeof(*rules))))
+                                       maxrules = 32;
+                               rules = reallocarray(rules, maxrules,
+                                   2 * sizeof(*rules));
+                               if (!rules)
                                        errx(1, "can't allocate rules");
+                               maxrules *= 2;
                        }
                        rules[nrules++] = r;
                } ;
@@ -228,6 +228,7 @@ yylex(void)
 {
        char buf[1024], *ebuf, *p, *str;
        int c, quotes = 0, escape = 0, qpos = -1, nonkw = 0;
+       size_t i;
 
        p = buf;
        ebuf = buf + sizeof(buf);
@@ -334,7 +335,6 @@ eow:
                        goto repeat;
        }
        if (!nonkw) {
-               size_t i;
                for (i = 0; i < sizeof(keywords) / sizeof(keywords[0]); i++) {
                        if (strcmp(buf, keywords[i].word) == 0)
                                return keywords[i].token;