From 59748fea5b9b711690c6b6b72fa084db50323f2dd5936e23ae95adcc324d0c64 Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Sun, 6 Oct 2024 12:39:24 +0300
Subject: [PATCH] Signed length is safer

---
 cyac/dec.c               | 12 ++++++------
 cyac/dec.h               |  4 ++--
 cyac/example/print-map.c |  4 ++--
 cyac/iter.c              | 18 +++++++++---------
 cyac/iter.h              |  8 ++++----
 5 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/cyac/dec.c b/cyac/dec.c
index d8030f8..22cc803 100644
--- a/cyac/dec.c
+++ b/cyac/dec.c
@@ -47,7 +47,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
         }
         if (ll != 0) {
             atom->off += ll;
-            if (len < atom->off) {
+            if ((ptrdiff_t)len < atom->off) {
                 return YACErrNotEnough;
             }
             l = yacFromBE(buf + 1, ll);
@@ -60,7 +60,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
             }
         }
         atom->off += l;
-        if (len < atom->off) {
+        if ((ptrdiff_t)len < atom->off) {
             return YACErrNotEnough;
         }
         atom->len = l;
@@ -96,7 +96,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
                                                                        YACItemUint;
         const size_t l = (atom->tag & 0x0F) + 1;
         atom->off += l;
-        if (len < atom->off) {
+        if ((ptrdiff_t)len < atom->off) {
             return YACErrNotEnough;
         }
         if (buf[1] == 0) {
@@ -135,7 +135,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
     case YACAtomUUID:
         atom->typ = YACItemUUID;
         atom->off += 16;
-        if (len < atom->off) {
+        if ((ptrdiff_t)len < atom->off) {
             return YACErrNotEnough;
         }
         atom->len = 16;
@@ -177,7 +177,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
         }
         atom->typ = YACItemFloat;
         atom->off += l;
-        if (len < atom->off) {
+        if ((ptrdiff_t)len < atom->off) {
             return YACErrNotEnough;
         }
         atom->typ = YACItemRaw;
@@ -203,7 +203,7 @@ YACAtomDecode(struct YACAtom *atom, const unsigned char *buf, const size_t len)
         }
         atom->typ = YACItemTAI64;
         atom->off += l;
-        if (len < atom->off) {
+        if ((ptrdiff_t)len < atom->off) {
             return YACErrNotEnough;
         }
         atom->len = l;
diff --git a/cyac/dec.h b/cyac/dec.h
index f77b53a..b483f4f 100644
--- a/cyac/dec.h
+++ b/cyac/dec.h
@@ -48,8 +48,8 @@ enum YACErr {
 };
 
 struct YACAtom {
-    size_t off; // length of the whole atom
-    size_t len; // length of the strings, TAI64, raw values
+    ptrdiff_t off; // length of the whole atom
+    size_t len;    // length of the strings, TAI64, raw values
     union {
         uint64_t uint;            // unsigned integer's value
         int64_t sint;             // signed integer's value
diff --git a/cyac/example/print-map.c b/cyac/example/print-map.c
index 632feb0..f145734 100644
--- a/cyac/example/print-map.c
+++ b/cyac/example/print-map.c
@@ -58,7 +58,7 @@ myCb(
     const size_t idx,
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len)
 {
@@ -234,7 +234,7 @@ main(int argc, char **argv)
     }
     struct YACAtom atom;
     memset(&atom, 0, sizeof(struct YACAtom));
-    size_t off = 0;
+    ptrdiff_t off = 0;
     enum YACErr err = YACAtomDecode(&atom, buf, len);
     if (err != YACErrNo) {
         fprintf(stderr, "map err: %d\n", err);
diff --git a/cyac/iter.c b/cyac/iter.c
index 7ac832b..89f5ce9 100644
--- a/cyac/iter.c
+++ b/cyac/iter.c
@@ -24,7 +24,7 @@ enum YACErr
 YACIterList(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb)
@@ -32,7 +32,7 @@ YACIterList(
     enum YACErr err = YACErrInvalid;
     bool eoc = false;
     for (size_t n = 0;; n++) {
-        err = YACAtomDecode(atom, buf + *off, len - *off);
+        err = YACAtomDecode(atom, buf + *off, (size_t)((ptrdiff_t)len - *off));
         if (err != YACErrNo) {
             return err;
         }
@@ -53,7 +53,7 @@ enum YACErr
 YACIterMap(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb)
@@ -62,7 +62,7 @@ YACIterMap(
     size_t keyLen = 0;
     enum YACErr err = YACErrInvalid;
     for (;;) {
-        err = YACAtomDecode(atom, buf + *off, len - *off);
+        err = YACAtomDecode(atom, buf + *off, (size_t)((ptrdiff_t)len - *off));
         if (err != YACErrNo) {
             return err;
         }
@@ -85,7 +85,7 @@ YACIterMap(
         }
         keyLen = atom->len;
         key = atom->val.buf;
-        err = YACAtomDecode(atom, buf + *off, len - *off);
+        err = YACAtomDecode(atom, buf + *off, (size_t)((ptrdiff_t)len - *off));
         if (err != YACErrNo) {
             return err;
         }
@@ -105,12 +105,12 @@ enum YACErr
 YACIterBlob(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb)
 {
-    enum YACErr err = YACAtomDecode(atom, buf + *off, len - *off);
+    enum YACErr err = YACAtomDecode(atom, buf + *off, (size_t)((ptrdiff_t)len - *off));
     if (err != YACErrNo) {
         return err;
     }
@@ -129,14 +129,14 @@ YACIterBlob(
     }
     bool eoc = false;
     for (size_t n = 0; !eoc; n++) {
-        err = YACAtomDecode(atom, buf + *off, len - *off);
+        err = YACAtomDecode(atom, buf + *off, (size_t)((ptrdiff_t)len - *off));
         if (err != YACErrNo) {
             return err;
         }
         (*off) += atom->off;
         switch (atom->typ) {
         case YACItemNIL:
-            if ((len - *off) <= chunkLen) {
+            if (((ptrdiff_t)len - *off) <= (ptrdiff_t)chunkLen) {
                 return YACErrBlobShortChunk;
             }
             atom->val.buf = buf + *off;
diff --git a/cyac/iter.h b/cyac/iter.h
index 268d151..37019af 100644
--- a/cyac/iter.h
+++ b/cyac/iter.h
@@ -11,7 +11,7 @@ typedef enum YACErr (*YACIterCb)(
     const size_t idx,
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len);
 
@@ -19,7 +19,7 @@ enum YACErr
 YACIterList(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb);
@@ -28,7 +28,7 @@ enum YACErr
 YACIterMap(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb);
@@ -37,7 +37,7 @@ enum YACErr
 YACIterBlob(
     void *cbState,
     struct YACAtom *atom,
-    size_t *off,
+    ptrdiff_t *off,
     const unsigned char *buf,
     const size_t len,
     YACIterCb cb);
-- 
2.50.0