summaryrefslogtreecommitdiff
path: root/src/common
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-11-12 11:32:14 -0500
committerNick Mathewson <nickm@torproject.org>2015-11-12 11:32:14 -0500
commit0694263b7533ba000d3d95a2936115b21b806a5d (patch)
treee9282168460bc9bfd086a2feab585493fff38c8d /src/common
parent75fc4d551174b712a0468ae7a8be821b566ef1f9 (diff)
downloadtor-0694263b7533ba000d3d95a2936115b21b806a5d.tar.gz
tor-0694263b7533ba000d3d95a2936115b21b806a5d.zip
Make round_to_next_multiple_of always round upwards.
Yes, even if it has to return a non-multiple. This prevents us from ever having a bug where we try to use it for allocation, and under-allocate.
Diffstat (limited to 'src/common')
-rw-r--r--src/common/util.c32
1 files changed, 21 insertions, 11 deletions
diff --git a/src/common/util.c b/src/common/util.c
index cc7760bff8..63bd1cc6f3 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -487,48 +487,58 @@ round_to_power_of_2(uint64_t u64)
}
/** Return the lowest x such that x is at least <b>number</b>, and x modulo
- * <b>divisor</b> == 0. */
+ * <b>divisor</b> == 0. If no such x can be expressed as an unsigned, return
+ * UINT_MAX */
unsigned
round_to_next_multiple_of(unsigned number, unsigned divisor)
{
tor_assert(divisor > 0);
- if (UINT_MAX - divisor + 1 >= number)
- number += divisor - 1;
+ if (UINT_MAX - divisor + 1 < number)
+ return UINT_MAX;
+ number += divisor - 1;
number -= number % divisor;
return number;
}
/** Return the lowest x such that x is at least <b>number</b>, and x modulo
- * <b>divisor</b> == 0. */
+ * <b>divisor</b> == 0. If no such x can be expressed as a uint32_t, return
+ * UINT32_MAX */
uint32_t
round_uint32_to_next_multiple_of(uint32_t number, uint32_t divisor)
{
tor_assert(divisor > 0);
- if (UINT32_MAX - divisor + 1 >= number)
- number += divisor - 1;
+ if (UINT32_MAX - divisor + 1 < number)
+ return UINT32_MAX;
+
+ number += divisor - 1;
number -= number % divisor;
return number;
}
/** Return the lowest x such that x is at least <b>number</b>, and x modulo
- * <b>divisor</b> == 0. */
+ * <b>divisor</b> == 0. If no such x can be expressed as a uint64_t, return
+ * UINT64_MAX */
uint64_t
round_uint64_to_next_multiple_of(uint64_t number, uint64_t divisor)
{
tor_assert(divisor > 0);
- if (UINT64_MAX - divisor + 1 >= number)
- number += divisor - 1;
+ if (UINT64_MAX - divisor + 1 < number)
+ return UINT64_MAX;
+ number += divisor - 1;
number -= number % divisor;
return number;
}
/** Return the lowest x in [INT64_MIN, INT64_MAX] such that x is at least
- * <b>number</b>, and x modulo <b>divisor</b> == 0. */
+ * <b>number</b>, and x modulo <b>divisor</b> == 0. If no such x can be
+ * expressed as an int64_t, return INT64_MAX */
int64_t
round_int64_to_next_multiple_of(int64_t number, int64_t divisor)
{
tor_assert(divisor > 0);
- if (number >= 0 && INT64_MAX - divisor + 1 >= number)
+ if (INT64_MAX - divisor + 1 < number)
+ return INT64_MAX;
+ if (number >= 0)
number += divisor - 1;
number -= number % divisor;
return number;