Fixed more integer overflow checks in C++ code to be stricter (related to commit 873652a82f).

This commit is contained in:
Project Nayuki 2017-04-21 15:49:16 +00:00
parent ac91c54ce1
commit 36f9dc11c4
1 changed files with 4 additions and 2 deletions

View File

@ -54,7 +54,9 @@ const QrSegment::Mode QrSegment::Mode::KANJI (0x8, 8, 10, 12);
QrSegment QrSegment::makeBytes(const std::vector<uint8_t> &data) {
return QrSegment(Mode::BYTE, data.size(), data, data.size() * 8);
if (data.size() >= (unsigned int)INT_MAX / 8)
throw "Buffer too long";
return QrSegment(Mode::BYTE, (int)data.size(), data, (int)data.size() * 8);
}
@ -140,7 +142,7 @@ int QrSegment::getTotalBits(const std::vector<QrSegment> &segs, int version) {
const QrSegment &seg(segs.at(i));
int ccbits = seg.mode.numCharCountBits(version);
// Fail if segment length value doesn't fit in the length field's bit-width
if (seg.numChars >= (1 << ccbits))
if ((unsigned int)seg.numChars >= (1U << ccbits) || seg.bitLength > INT16_MAX)
return -1;
long temp = (long)result + 4 + ccbits + seg.bitLength;
if (temp > INT_MAX)