Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix: Saving SDT_INTLIST handle unsigned values properly #7396

Merged
merged 3 commits into from Feb 6, 2020

Conversation

Eddi-z
Copy link
Contributor

@Eddi-z Eddi-z commented Mar 22, 2019

This PR addresses a line that @PeterN wrote in the chat when he was trying out code to save a colour preset to the config file:

[22.03.19 00:49] <peter1138> colour_presets = -1957633922,-1336168961,-1790426469,-1784986981,1451692562,0,0,2077322240,0,0,0,0,0,0,0,0

The first issue is that the values are written as signed, even though they are unsigned in the code. The first commit handles writing these values correctly, the second is about correctly reading the (now out-of-range) values back in

the third commit is a feature to write long numbers like this as hexadecimal (reading should already be possible)

@Eddi-z Eddi-z force-pushed the settingslist branch 2 times, most recently from 2bfcd9e to 052f539 Compare March 22, 2019 04:30
if (p == end) return -1; // invalid character (not a number)
if (sizeof(int) < sizeof(long)) v = ClampToI32(v);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm unsure about this change. it now mimics the behaviour in StringToVal, however i feel like some validation of range should happen.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm yes, bit weird to be removing this. Perhaps it should be added to StringToVal?
Condition could probably be sanely removed though..

src/settings.cpp Outdated Show resolved Hide resolved
@Eddi-z Eddi-z force-pushed the settingslist branch 2 times, most recently from dde90cc to e2ca55d Compare March 24, 2019 18:21
src/settings.cpp Outdated
@@ -187,9 +187,8 @@ static int ParseIntList(const char *p, int *items, int maxitems)
default: {
if (n == maxitems) return -1; // we don't accept that many numbers
char *end;
long v = strtol(p, &end, 0);
size_t v = strtoul(p, &end, 0);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

surprised this doesn't cause a warning elsewhere (e.g. line192), given this has gone from signed to unsigned...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, shouldn't this be unsigned long instead of size_t ? They're not necessarily the same...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the entire SDT_INTLIST handling might just as well be changed to only do unsigned. As far as I can tell no uses of it need signed values anyway.

if (p == end) return -1; // invalid character (not a number)
if (sizeof(int) < sizeof(long)) v = ClampToI32(v);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm yes, bit weird to be removing this. Perhaps it should be added to StringToVal?
Condition could probably be sanely removed though..

@stale
Copy link

stale bot commented May 14, 2019

This pull request has been automatically marked as stale because it has not had any activity in the last month.
Please feel free to give a status update now, ping for review, or re-open when it's ready.
It will be closed if no further activity occurs within 7 days.
Thank you for your contributions.

@stale stale bot added the stale Stale issues label May 14, 2019
@LordAro LordAro added waiting on author and removed stale Stale issues labels Aug 17, 2019
@LordAro LordAro added this to the 1.10.0 milestone Nov 23, 2019
@nielsmh
Copy link
Contributor

nielsmh commented Feb 6, 2020

I made a template out of ParseIntList since it was being used with two different array types, and changed it to be uinsigned almost all the way through. I don't think there's any cases where it's used with signed values, so that's probably safer regardless. Overall, this should have less weird casting and have less potential UB.

@LordAro LordAro merged commit 1072837 into OpenTTD:master Feb 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants