From 0b52768a15706b53e38890e1dc1ebc7f92e00166 Mon Sep 17 00:00:00 2001
From: Kaz Kylheku <kaz@kylheku.com>
Date: Sat, 25 Apr 2020 08:17:22 -0700
Subject: lib/buf: use unsigned integers around allocations.

* buf.c (buf_shrink): Convert len to alloc size using c_unum,
which will reject negative values that will implicitly convert
to a wrong/huge size.

* lib.c (upcase_str, downcase_str): Similar reasoning.
(sub_vec): nelem is a size_t, so use unum on it, rather
than num.
---
 lib.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'lib.c')

diff --git a/lib.c b/lib.c
index 1ad10b78..e1ffbf66 100644
--- a/lib.c
+++ b/lib.c
@@ -3574,7 +3574,7 @@ val copy_str(val str)
 val upcase_str(val str)
 {
   val len = length_str(str);
-  wchar_t *dst = chk_wmalloc(c_num(len) + 1);
+  wchar_t *dst = chk_wmalloc(c_unum(len) + 1);
   const wchar_t *src = c_str(str);
   val out = string_own(dst);
 
@@ -3587,7 +3587,7 @@ val upcase_str(val str)
 val downcase_str(val str)
 {
   val len = length_str(str);
-  wchar_t *dst = chk_wmalloc(c_num(len) + 1);
+  wchar_t *dst = chk_wmalloc(c_unum(len) + 1);
   const wchar_t *src = c_str(str);
   val out = string_own(dst);
 
@@ -7553,7 +7553,7 @@ val sub_vec(val vec_in, val from, val to)
 #endif
     v += 2;
     vec->v.vec = v;
-    v[vec_length] = v[vec_alloc] = num(nelem);
+    v[vec_length] = v[vec_alloc] = unum(nelem);
     memcpy(vec->v.vec, vec_in->v.vec + cfrom, nelem * sizeof *vec->v.vec);
     return vec;
   }
-- 
cgit v1.2.3