I wonder if there's a risk of out-of-bounds write when reading user-provided sizes and offsets and doing arithmetic operations with them. In network-facing libraries that deal with potential unsanitized input, I've often seen checks for overflow, eg:
#include <limits.h>

/* Subtract y from x only if the result fits in an int.
   Returns 1 and stores the result on success, 0 if it would overflow. */
int safe_subtract(int x, int y, int *result) {
    if (y > 0 && x < INT_MIN + y) {
        // Underflow would occur
        return 0;
    } else if (y < 0 && x > INT_MAX + y) {
        // Overflow would occur
        return 0;
    } else {
        // Safe to subtract
        *result = x - y;
        return 1;
    }
}
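The question above is about sizes and offsets rather than plain subtraction, so here is an added example (not from the post's author or any particular library) showing the same idea applied to a record header with an attacker-controlled offset and length. The `record_hdr_t` layout, the 32-bit field widths and the sample payload are constructed for illustration. The naive bounds check computes `offset + length` and can wrap; the safe check rearranges the comparison so no intermediate value can overflow.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed example header, as a network protocol might carry it:
   a 32-bit offset and 32-bit length that point into a payload buffer.
   Both fields come from the wire and are untrusted. */
typedef struct {
    uint32_t offset;
    uint32_t length;
} record_hdr_t;

/* Naive check: offset + length <= buf_len. The sum is computed in
   32 bits and wraps modulo 2^32, so an out-of-bounds range can pass.
   Kept only to contrast with the safe check below. */
bool naive_range_ok(uint32_t offset, uint32_t length, uint32_t buf_len) {
    uint32_t end = offset + length;   /* may wrap */
    return end <= buf_len;
}

/* Safe check: establish offset <= buf_len first, so buf_len - offset
   cannot underflow, then compare length against the remaining room.
   No intermediate value can overflow. */
bool safe_range_ok(uint32_t offset, uint32_t length, uint32_t buf_len) {
    if (offset > buf_len) return false;
    return length <= buf_len - offset;
}

/* Copy a record out of the payload only after the range is validated.
   Returns the number of bytes copied, or -1 if the header is rejected. */
int extract_record(const uint8_t *payload, uint32_t payload_len,
                   const record_hdr_t *hdr, uint8_t *out, size_t out_cap) {
    if (!safe_range_ok(hdr->offset, hdr->length, payload_len)) return -1;
    if (hdr->length > out_cap || hdr->length > (uint32_t)INT_MAX) return -1;
    memcpy(out, payload + hdr->offset, hdr->length);
    return (int)hdr->length;
}

/* Demo driver on a constructed 16-byte payload where payload[i] == i.
   Returns the copied length, -1 if the header was rejected, or -2 if
   the copied bytes do not match the expected range. */
int demo_extract(uint32_t offset, uint32_t length) {
    uint8_t payload[16];
    uint8_t out[16];
    for (uint32_t i = 0; i < sizeof payload; i++) payload[i] = (uint8_t)i;

    record_hdr_t hdr = { offset, length };
    int n = extract_record(payload, sizeof payload, &hdr, out, sizeof out);
    if (n < 0) return n;
    for (int i = 0; i < n; i++) {
        if (out[i] != (uint8_t)(offset + (uint32_t)i)) return -2;
    }
    return n;
}
```

With offset 0xFFFFFFF0 and length 0x20 the naive check accepts the range (the sum wraps to 0x10), while the safe check rejects it; the rejection is the place to log and drop the message rather than continue parsing.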