diff --git a/src/common/src/common-b64.c b/src/common/src/common-b64.c
index d81acb1097..a35bec1ebd 100644
--- a/src/common/src/common-b64.c
+++ b/src/common/src/common-b64.c
@@ -41,6 +41,7 @@
 */
 #include
+#include
 #include
@@ -262,24 +263,7 @@ static const uint8_t mongoc_b64rmap_space = 0xfe;
 static const uint8_t mongoc_b64rmap_invalid = 0xff;
 /* initializing the reverse map isn't thread safe, do it in pthread_once */
-#if defined(BSON_OS_UNIX)
-#include
-#define mongoc_common_once_t pthread_once_t
-#define mongoc_common_once pthread_once
-#define MONGOC_COMMON_ONCE_FUN(n) void n (void)
-#define MONGOC_COMMON_ONCE_RETURN return
-#define MONGOC_COMMON_ONCE_INIT PTHREAD_ONCE_INIT
-#else
-#define mongoc_common_once_t INIT_ONCE
-#define MONGOC_COMMON_ONCE_INIT INIT_ONCE_STATIC_INIT
-#define mongoc_common_once(o, c) InitOnceExecuteOnce (o, c, NULL, NULL)
-#define MONGOC_COMMON_ONCE_FUN(n) \
- BOOL CALLBACK MLIB_PRAGMA_IF_MSVC (warning (push)) MLIB_PRAGMA_IF_MSVC (warning (disable : 4100)) \
- n (PINIT_ONCE _ignored_a, PVOID _ignored_b, PVOID *_ignored_c) MLIB_PRAGMA_IF_MSVC (warning (pop))
-#define MONGOC_COMMON_ONCE_RETURN return true
-#endif
-
-static MONGOC_COMMON_ONCE_FUN (bson_b64_initialize_rmap)
+static BSON_ONCE_FUN (bson_b64_initialize_rmap)
 {
 /* Null: end of string, stop parsing */
 mongoc_b64rmap[0] = mongoc_b64rmap_end;
@@ -301,7 +285,7 @@ static MONGOC_COMMON_ONCE_FUN (bson_b64_initialize_rmap)
 for (uint8_t i = 0; Base64[i] != '\0'; ++i) mongoc_b64rmap[(uint8_t) Base64[i]] = i;
- MONGOC_COMMON_ONCE_RETURN;
+ BSON_ONCE_RETURN;
 }
 static int
@@ -516,9 +500,9 @@ mongoc_b64_pton_len (char const *src)
 int
 mcommon_b64_pton (char const *src, uint8_t *target, size_t targsize)
 {
- static mongoc_common_once_t once = MONGOC_COMMON_ONCE_INIT;
+ static bson_once_t once = BSON_ONCE_INIT;
- mongoc_common_once (&once, bson_b64_initialize_rmap);
+ bson_once (&once, bson_b64_initialize_rmap);
 if (!src) {
 return -1;
diff --git a/src/libbson/src/bson/bson-json.c b/src/libbson/src/bson/bson-json.c
index 983de0eb84..1d8bfdac29 100644
--- a/src/libbson/src/bson/bson-json.c
+++ b/src/libbson/src/bson/bson-json.c
@@ -351,13 +351,17 @@ _noop (void)
 bson->code_data.in_scope = false; \
 } while (0)
 #define STACK_POP_DBPOINTER STACK_POP_DOC (_noop ())
-#define BASIC_CB_PREAMBLE \
- const char *key; \
- size_t len; \
- bson_json_reader_bson_t *bson = &reader->bson; \
- _bson_json_read_fixup_key (bson); \
- key = bson->key; \
- len = bson->key_buf.len; \
+#define BASIC_CB_PREAMBLE \
+ const char *key; \
+ size_t len; \
+ bson_json_reader_bson_t *bson = &reader->bson; \
+ _bson_json_read_fixup_key (bson); \
+ key = bson->key; \
+ len = bson->key_buf.len; \
+ if (len > INT_MAX) { \
+ _bson_json_read_set_error (reader, "Failed to read JSON. key size %zu is too large. Max is %d", len, INT_MAX); \
+ return; \
+ } \
 (void) 0
 #define BASIC_CB_BAIL_IF_NOT_NORMAL(_type) \
 if (bson->read_state != BSON_JSON_REGULAR) { \
@@ -628,7 +632,7 @@ _bson_json_read_integer (bson_json_reader_t *reader, uint64_t val, int64_t sign)
 BASIC_CB_BAIL_IF_NOT_NORMAL ("integer");
 if (val <= INT32_MAX || (sign == -1 && val <= (uint64_t) INT32_MAX + 1)) {
- bson_append_int32 (STACK_BSON_CHILD, key, (int) len, (int) (val * sign));
+ bson_append_int32 (STACK_BSON_CHILD, key, (int) len, (int32_t) ((int64_t) val * sign));
 } else if (sign == -1) {
 #if defined(_WIN32) && !defined(__MINGW32__)
 // Unary negation of unsigned integer is deliberate.
diff --git a/src/libbson/src/jsonsl/jsonsl.c b/src/libbson/src/jsonsl/jsonsl.c
index 730c3166ae..e2bb6a08e4 100644
--- a/src/libbson/src/jsonsl/jsonsl.c
+++ b/src/libbson/src/jsonsl/jsonsl.c
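Review bot: In src/libbson/src/bson/bson-json.c, `BASIC_CB_PREAMBLE` now contains a `return;`, and nothing at the macro tells a reader that it can leave the enclosing function. It can therefore only be expanded in callbacks that return void. I would add a comment above the `#define`, for example `/* Declares key, len and bson. Sets a reader error and returns from the enclosing void callback when the key length exceeds INT_MAX, so the later (int) len casts cannot truncate. */`. The hunk does not show whether `<limits.h>` is included for `INT_MAX`, which is worth confirming.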
@@ -1052,9 +1052,9 @@ void jsonsl_jpr_match_state_init(jsonsl_t jsn,
 if (njprs == 0) {
 return;
 }
- jsn->jprs = (jsonsl_jpr_t *)malloc(sizeof(jsonsl_jpr_t) * njprs);
+ jsn->jprs = (jsonsl_jpr_t *) bson_malloc (sizeof (jsonsl_jpr_t) * njprs);
 jsn->jpr_count = njprs;
- jsn->jpr_root = (size_t*)calloc(1, sizeof(size_t) * njprs * jsn->levels_max);
+ jsn->jpr_root = (size_t *) bson_malloc0 (sizeof (size_t) * njprs * jsn->levels_max);
 memcpy(jsn->jprs, jprs, sizeof(jsonsl_jpr_t) * njprs);
 /* Set the initial jump table values */
@@ -1070,8 +1070,8 @@ void jsonsl_jpr_match_state_cleanup(jsonsl_t jsn)
 return;
 }
- free(jsn->jpr_root);
- free(jsn->jprs);
+ bson_free(jsn->jpr_root);
+ bson_free(jsn->jprs);
 jsn->jprs = NULL;
 jsn->jpr_root = NULL;
 jsn->jpr_count = 0;
diff --git a/src/libmongoc/src/mongoc/mongoc-client-session.c b/src/libmongoc/src/mongoc/mongoc-client-session.c
index cea5c8137b..1277af16ba 100644
--- a/src/libmongoc/src/mongoc/mongoc-client-session.c
+++ b/src/libmongoc/src/mongoc/mongoc-client-session.c
@@ -885,7 +885,9 @@ _max_time_ms_failure (bson_t *reply)
 return true;
 }
- bson_iter_init (&iter, reply);
+ if (!bson_iter_init (&iter, reply)) {
+ return false;
+ }
 if (bson_iter_find_descendant (&iter, "writeConcernError.codeName", &descendant) && BSON_ITER_HOLDS_UTF8 (&descendant) && 0 == strcmp (bson_iter_utf8 (&descendant, NULL), MAX_TIME_MS_EXPIRED)) {
 return true;
diff --git a/src/libmongoc/src/mongoc/mongoc-collection.c b/src/libmongoc/src/mongoc/mongoc-collection.c
index 5f7fae0cc3..05492bedf0 100644
--- a/src/libmongoc/src/mongoc/mongoc-collection.c
+++ b/src/libmongoc/src/mongoc/mongoc-collection.c
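Review bot: In `jsonsl_jpr_match_state_init` (src/libbson/src/jsonsl/jsonsl.c), the size passed to `bson_malloc0` is still the unchecked product `sizeof (size_t) * njprs * jsn->levels_max`; the `calloc(1, ...)` form it replaces had the same gap. If that product wraps, the buffer is smaller than the jump table that the code after the hunk appears to fill. A guard ahead of the two allocations would close it, e.g. `BSON_ASSERT (jsn->levels_max == 0 || njprs <= SIZE_MAX / sizeof (size_t) / jsn->levels_max);`. The types of `njprs` and `levels_max` are declared outside the hunk, so confirm the comparison is carried out in `size_t`. The function body starts and ends outside the hunk.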
@@ -937,8 +937,12 @@ _mongoc_collection_index_keys_equal (const bson_t *expected, const bson_t *actua
 bson_iter_t iter_expected;
 bson_iter_t iter_actual;
- bson_iter_init (&iter_expected, expected);
- bson_iter_init (&iter_actual, actual);
+ if (!bson_iter_init (&iter_expected, expected)) {
+ return false;
+ }
+ if (!bson_iter_init (&iter_actual, actual)) {
+ return false;
+ }
 while (bson_iter_next (&iter_expected)) {
 /* If the key document has fewer items than expected, indexes are unequal
diff --git a/src/libmongoc/src/mongoc/mongoc-counters.c b/src/libmongoc/src/mongoc/mongoc-counters.c
index e94c30d206..4bb4ca0ff6 100644
--- a/src/libmongoc/src/mongoc/mongoc-counters.c
+++ b/src/libmongoc/src/mongoc/mongoc-counters.c
@@ -119,6 +119,7 @@ mongoc_counters_calc_size (void)
 if (mlib_cmp (size, >, pg_sz)) {
 return size;
 } else {
+ BSON_ASSERT (pg_sz > 0);
 return (size_t) pg_sz;
 }
 #else
diff --git a/src/libmongoc/src/mongoc/mongoc-server-description.c b/src/libmongoc/src/mongoc/mongoc-server-description.c
index fd46c544a4..22871804dc 100644
--- a/src/libmongoc/src/mongoc/mongoc-server-description.c
+++ b/src/libmongoc/src/mongoc/mongoc-server-description.c
@@ -794,7 +794,7 @@ mongoc_server_description_new_copy (const mongoc_server_description_t *descripti
 const uint8_t *data = bson_get_data (©->last_hello_response) + offset; \
 uint32_t len = description->FIELD.len; \
 MONGOC_DEBUG_ASSERT (offset + len <= copy->last_hello_response.len); \
- bson_init_static (©->FIELD, data, len); \
+ BSON_ASSERT (bson_init_static (©->FIELD, data, len)); \
 } else { \
 bson_init (©->FIELD); \
 } \
diff --git a/src/libmongoc/src/mongoc/mongoc-socket.c b/src/libmongoc/src/mongoc/mongoc-socket.c
index d9624a379d..f264516008 100644
--- a/src/libmongoc/src/mongoc/mongoc-socket.c
+++ b/src/libmongoc/src/mongoc/mongoc-socket.c
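Review bot: In the copy macro inside `mongoc_server_description_new_copy` (src/libmongoc/src/mongoc/mongoc-server-description.c), the call that initialises the field now sits inside the assertion itself, which is only correct while `BSON_ASSERT` always evaluates its argument. Keeping the side effect outside removes that dependency: `const bool ok = bson_init_static (&copy->FIELD, data, len); \` followed by `BSON_ASSERT (ok); \`. Separately, the bounds check one line above uses `MONGOC_DEBUG_ASSERT`, which by its name may be compiled out of release builds; if so, `offset + len` is not validated against the buffer length there, and promoting that check to `BSON_ASSERT` would be worth considering. The macro starts outside the hunk.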
@@ -1207,6 +1207,7 @@ _mongoc_socket_try_sendv_slow (mongoc_socket_t *sock, /* IN */
 RETURN (ret ? ret : -1);
 }
+ BSON_ASSERT (mlib_cmp (wrote, <=, SSIZE_MAX - ret));
 ret += wrote;
 if (mlib_cmp (wrote, !=, iov[i].iov_len)) {
diff --git a/src/libmongoc/src/mongoc/mongoc-stream-tls-openssl.c b/src/libmongoc/src/mongoc/mongoc-stream-tls-openssl.c
index 918d9bb792..2ef801b5e9 100644
--- a/src/libmongoc/src/mongoc/mongoc-stream-tls-openssl.c
+++ b/src/libmongoc/src/mongoc/mongoc-stream-tls-openssl.c
@@ -829,6 +829,9 @@ create_stream_with_ctx (
 mongoc_stream_t *
 mongoc_stream_tls_openssl_new (mongoc_stream_t *base_stream, const char *host, mongoc_ssl_opt_t *opt, int client)
 {
+ BSON_ASSERT_PARAM (base_stream);
+ BSON_ASSERT_PARAM (opt);
+
 SSL_CTX *ssl_ctx = _mongoc_openssl_ctx_new (opt);
 if (!ssl_ctx) {
diff --git a/src/libmongoc/src/mongoc/mongoc-uri.c b/src/libmongoc/src/mongoc/mongoc-uri.c
index c1dee92d22..1fbcb4248b 100644
--- a/src/libmongoc/src/mongoc/mongoc-uri.c
+++ b/src/libmongoc/src/mongoc/mongoc-uri.c
@@ -904,7 +904,10 @@ mongoc_uri_options_validate_names (const bson_t *a, const bson_t *b, bson_error_
 /* Scan `a` looking for deprecated names
 * where the canonical name was also used in `a`,
 * or was used in `b`. */
- bson_iter_init (&key_iter, a);
+ if (!bson_iter_init (&key_iter, a)) {
+ return false;
+ }
+
 while (bson_iter_next (&key_iter)) {
 key = bson_iter_key (&key_iter);
 value = bson_iter_utf8_unsafe (&key_iter, &value_len);
@@ -966,7 +969,10 @@ mongoc_uri_apply_options (mongoc_uri_t *uri, const bson_t *options, bool from_dn
 size_t value_len;
 bool bval;
- bson_iter_init (&iter, options);
+ if (!bson_iter_init (&iter, options)) {
+ return false;
+ }
+
 while (bson_iter_next (&iter)) {
 key = bson_iter_key (&iter);
 canon = mongoc_uri_canonicalize_option (key);
diff --git a/src/tools/mongoc-stat.c b/src/tools/mongoc-stat.c
index 4a0b01e360..83fad8d243 100644
--- a/src/tools/mongoc-stat.c
+++ b/src/tools/mongoc-stat.c
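Review bot: In `mongoc_stream_tls_openssl_new` (src/libmongoc/src/mongoc/mongoc-stream-tls-openssl.c), `host` is the one pointer parameter left without a check after this change. The rest of the function is outside the hunk, so it is not visible whether a NULL host is accepted. Because the host name is presumably what the certificate is verified against further down, the contract should be explicit. Either add `BSON_ASSERT_PARAM (host);` next to the other two, or add a comment saying that NULL is allowed and what that means for verification.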
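Review bot: In `mongoc_uri_options_validate_names` (src/libmongoc/src/mongoc/mongoc-uri.c), the new early `return false;` leaves the `bson_error_t` out-parameter untouched, so a caller that reports the error after a false return would read whatever was there before. Fill it in before returning, e.g. `bson_set_error (error, MONGOC_ERROR_COMMAND, MONGOC_ERROR_COMMAND_INVALID_ARG, "Invalid options document");`. The parameter name is cut off in the hunk header and `error` is assumed here. The same early return is added in `mongoc_uri_apply_options` in the following hunk; its signature is also truncated, so check whether it takes an error argument too. Both function bodies extend beyond their hunks.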
@@ -30,6 +30,7 @@
 #include
 #include
+#include
 #pragma pack(1)
 typedef struct {
@@ -109,6 +110,7 @@ mongoc_counters_new_from_pid (unsigned pid)
 return NULL;
 }
+ BSON_ASSERT (mlib_in_range (size_t, len));
 size = len;
 if (MAP_FAILED == (mem = mmap (NULL, size, PROT_READ, MAP_SHARED, fd, 0))) {
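Review bot: In `mongoc_counters_new_from_pid` (src/tools/mongoc-stat.c), an out-of-range `len` now aborts the process through `BSON_ASSERT`, while the failure path visible just above it in the same function returns NULL. `len` appears to describe a shared object owned by another process, so treating a bad value like the other failures would be more consistent: `if (!mlib_in_range (size_t, len)) { return NULL; }`, together with whatever cleanup of `fd` the neighbouring paths perform (not visible in the hunk). The function body continues outside the hunk.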