From b699221f0052e7e17dcb06ecda267f82610a40ae Mon Sep 17 00:00:00 2001
From: Frediano Ziglio <fziglio@redhat.com>
Date: Fri, 18 Oct 2019 15:57:19 +0100
Subject: [PATCH] codegen: Check unsafe values alone

This rule remove possible integer overflows.
Current code generated is not affected by these integer overflows
as the computations are done using 64 bit but better safe then sorry.

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Julien Rope <jrope@redhat.com>
---
 python_modules/demarshal.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/python_modules/demarshal.py b/python_modules/demarshal.py
index 3736976..b27eb75 100644
--- a/python_modules/demarshal.py
+++ b/python_modules/demarshal.py
@@ -229,7 +229,7 @@ def write_validate_struct_function(writer, struct):
         writer.statement("return 0")
 
     writer.newline()
-    writer.error_check("start >= message_end")
+    writer.error_check("offset >= (uintptr_t) (message_end - message_start)")
 
     writer.newline()
     write_validate_container(writer, None, struct, "start", scope, True, True, False)
@@ -283,7 +283,7 @@ def write_validate_pointer_item(writer, container, item, scope, parent_scope, st
             else:
                 write_validate_array_item(writer, container, array_item, scope, parent_scope, start,
                                           True, want_mem_size=need_mem_size, want_extra_size=False)
-                writer.error_check("%s + %s > (uintptr_t) (message_end - message_start)" % (v, array_item.nw_size()))
+                writer.error_check("%s > (uintptr_t) (message_end - message_start - %s)" % (array_item.nw_size(), v))
 
             if want_extra_size:
                 if item.member and item.member.has_attr("chunk"):