pike.git / src / encode.c

version» Context lines:

pike.git/src/encode.c:2471:    case T_MULTISET:    case T_NOT:    low_decode_type(data);    push_type(tmp);    break;       case T_INT:    {    INT32 min=0, max=0;    if(data->ptr + 8 > data->len) -  Pike_error("Decode error: Not enough data in string.\n"); +  decode_error(data, NULL, "Not enough data.\n");    min = get_unaligned_be32(data->data + data->ptr);    data->ptr += 4;    max = get_unaligned_be32(data->data + data->ptr);    data->ptr += 4; -  +  +  if (min > max) +  decode_error(data, NULL, "Error in int type (min (%d) > max (%d)).\n", min, max); +     push_int_type(min, max);    }    break;       case T_STRING:    /* Common case and compat */    push_finished_type(int_type_string);    push_type(T_STRING);    break;   
pike.git/src/encode.c:4357:       /* id_flags */    ref.id_flags = id_flags;       /* inherit_offset */    decode_number(ref.inherit_offset, data);       /* identifier_offset */    /* Actually the id ref number from the inherited program */    decode_number(ref_no, data); +  +  if (ref.inherit_offset >= p->num_inherits) +  decode_error(data, NULL, "Inherit offset out of range %u vs %u.\n", +  ref.inherit_offset, p->num_inherits); +  if (ref_no < 0 || ref_no >= p->inherits[ref.inherit_offset].prog->num_identifier_references) +  decode_error(data, NULL, "Identifier reference out of range %u vs %u.\n", +  ref_no, p->inherits[ref.inherit_offset].prog->num_identifier_references); +     ref.identifier_offset = p->inherits[ref.inherit_offset].prog->    identifier_references[ref_no].identifier_offset;       ref.run_time_type = PIKE_T_UNKNOWN;    ref.func.offset = 0;       /* Expected identifier reference number */    decode_number(no, data);       if (no > p->num_identifier_references) {
pike.git/src/encode.c:4477:    });       /* Alters    *    * identifiers, identifier_references    */    n = define_function(Pike_sp[-2].u.string,    Pike_sp[-1].u.type,    id_flags, func_flags,    &func, opt_flags); -  if (no >= p->num_identifier_references || +  if ((no < 0 || no >= p->num_identifier_references) ||    (no != n &&    (p->identifier_references[no].id_flags != id_flags ||    p->identifier_references[no].identifier_offset !=    p->identifier_references[n].identifier_offset ||    p->identifier_references[no].inherit_offset != 0))) {    ref_push_program (p);    decode_error(data, Pike_sp - 1,    "Bad function identifier offset: %d\n", no);    }