Make x_handy in XDR u_int, not int since there are places in the

code that assign a u_int value to x_handy.  However, this means
that we need to be careful checking for overflow as we can no longer
subtract a value and check the result for < 0.  We reorder the
expression instead to avoid this problem (basic algebra).
deraadt@ OK

1 files changed, 15 insertions, 9 deletions

diff --git a/lib/libc/rpc/xdr_mem.c b/lib/libc/rpc/xdr_mem.c
index b9a8495643f..fe84e4f7796 100644
--- a/lib/libc/rpc/xdr_mem.c
+++ b/lib/libc/rpc/xdr_mem.c
@@ -28,7 +28,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: xdr_mem.c,v 1.8 2001/09/17 18:34:51 jason Exp $";
+static char *rcsid = "$OpenBSD: xdr_mem.c,v 1.9 2002/12/11 22:55:39 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 /*
@@ -114,8 +114,9 @@ xdrmem_getlong_aligned(xdrs, lp)
 	long *lp;
 {
 
-	if ((xdrs->x_handy -= sizeof(int32_t)) < 0)
+	if (xdrs->x_handy < sizeof(int32_t))
 		return (FALSE);
+	xdrs->x_handy -= sizeof(int32_t);
 	*lp = ntohl(*(int32_t *)xdrs->x_private);
 	xdrs->x_private += sizeof(int32_t);
 	return (TRUE);
@@ -127,8 +128,9 @@ xdrmem_putlong_aligned(xdrs, lp)
 	long *lp;
 {
 
-	if ((xdrs->x_handy -= sizeof(int32_t)) < 0)
+	if (xdrs->x_handy < sizeof(int32_t))
 		return (FALSE);
+	xdrs->x_handy -= sizeof(int32_t);
 	*(int32_t *)xdrs->x_private = htonl((u_int32_t)*lp);
 	xdrs->x_private += sizeof(int32_t);
 	return (TRUE);
@@ -141,8 +143,9 @@ xdrmem_getlong_unaligned(xdrs, lp)
 {
 	int32_t l;
 
-	if ((xdrs->x_handy -= sizeof(int32_t)) < 0)
+	if (xdrs->x_handy < sizeof(int32_t))
 		return (FALSE);
+	xdrs->x_handy -= sizeof(int32_t);
 	memcpy(&l, xdrs->x_private, sizeof(int32_t));
 	*lp = ntohl(l);
 	xdrs->x_private += sizeof(int32_t);
@@ -156,8 +159,9 @@ xdrmem_putlong_unaligned(xdrs, lp)
 {
 	int32_t l;
 
-	if ((xdrs->x_handy -= sizeof(int32_t)) < 0)
+	if (xdrs->x_handy < sizeof(int32_t))
 		return (FALSE);
+	xdrs->x_handy -= sizeof(int32_t);
 	l = htonl((u_int32_t)*lp);
 	memcpy(xdrs->x_private, &l, sizeof(int32_t));
 	xdrs->x_private += sizeof(int32_t);
@@ -171,8 +175,9 @@ xdrmem_getbytes(xdrs, addr, len)
 	u_int len;
 {
 
-	if ((xdrs->x_handy -= len) < 0)
+	if (xdrs->x_handy < len)
 		return (FALSE);
+	xdrs->x_handy -= len;
 	memcpy(addr, xdrs->x_private, len);
 	xdrs->x_private += len;
 	return (TRUE);
@@ -185,8 +190,9 @@ xdrmem_putbytes(xdrs, addr, len)
 	u_int len;
 {
 
-	if ((xdrs->x_handy -= len) < 0)
+	if (xdrs->x_handy < len)
 		return (FALSE);
+	xdrs->x_handy -= len;
 	memcpy(xdrs->x_private, addr, len);
 	xdrs->x_private += len;
 	return (TRUE);
@@ -209,10 +215,10 @@ xdrmem_setpos(xdrs, pos)
 	caddr_t newaddr = xdrs->x_base + pos;
 	caddr_t lastaddr = xdrs->x_private + xdrs->x_handy;
 
-	if ((long)newaddr > (long)lastaddr)
+	if (newaddr > lastaddr)
 		return (FALSE);
 	xdrs->x_private = newaddr;
-	xdrs->x_handy = (long)lastaddr - (long)newaddr;
+	xdrs->x_handy = (u_int)(lastaddr - newaddr);	/* XXX w/64-bit pointers, u_int not enough! */
 	return (TRUE);
 }