Avoid pointer arithmetic on null pointer to remove undefined behavior

The existing checks triggered undefined behavior when the stack was empty (null pointer). This change avoid this: * If `stackTop_` and `stackEnd_` are null, it results in a `ptrdiff_t` of `0` * If `stackTop_` and `stackEnd_` are valid pointers, they produce a `ptrdiff_t` with the remaining size on the stack

Avoid pointer arithmetic on null pointer to remove undefined behavior
The existing checks triggered undefined behavior when the stack was empty (null pointer). This change avoid this: * If `stackTop_` and `stackEnd_` are null, it results in a `ptrdiff_t` of `0` * If `stackTop_` and `stackEnd_` are valid pointers, they produce a `ptrdiff_t` with the remaining size on the stack
16872af8 · Konstantin Käfer · 663f076c · 16872af8
Commit 16872af8 authored Sep 01, 2016 by Konstantin Käfer
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

stack.h include/rapidjson/internal/stack.h +3 -2

No files found.
--- a/include/rapidjson/internal/stack.h
+++ b/include/rapidjson/internal/stack.h
@@ -17,6 +17,7 @@

 #include "../allocators.h"
 #include "swap.h"
+#include <cstddef>

 #if defined(__clang__)
 RAPIDJSON_DIAG_PUSH
@@ -114,7 +115,7 @@ public:
    template<typename T>
    RAPIDJSON_FORCEINLINE void Reserve(size_t count = 1) {
         // Expand the stack if needed
-        if (RAPIDJSON_UNLIKELY(stackTop_ + sizeof(T) * count > stackEnd_))
+        if (RAPIDJSON_UNLIKELY(static_cast<std::ptrdiff_t>(sizeof(T) * count) > (stackEnd_ - stackTop_)))
            Expand<T>(count);
    }

@@ -127,7 +128,7 @@ public:
    template<typename T>
    RAPIDJSON_FORCEINLINE T* PushUnsafe(size_t count = 1) {
        RAPIDJSON_ASSERT(stackTop_);
-        RAPIDJSON_ASSERT(stackTop_ + sizeof(T) * count <= stackEnd_);
+        RAPIDJSON_ASSERT(static_cast<std::ptrdiff_t>(sizeof(T) * count) <= (stackEnd_ - stackTop_));
        T* ret = reinterpret_cast<T*>(stackTop_);
        stackTop_ += sizeof(T) * count;
        return ret;