From bf624acec12368fd4ebeedd7a9cee65b3800a0da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Wed, 16 Dec 2015 00:41:26 +0100
Subject: [PATCH] Tweak memset_s() and its unit tests, mostly renaming
 variables.

---
 lib/core/cryb_memset_s.c | 16 +++++++++++-----
 t/t_memset_s.c           | 25 +++++++++++++------------
 2 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/lib/core/cryb_memset_s.c b/lib/core/cryb_memset_s.c
index 7a1750b..61d2fe2 100644
--- a/lib/core/cryb_memset_s.c
+++ b/lib/core/cryb_memset_s.c
@@ -32,9 +32,11 @@
 #endif
 
 #include <errno.h>
+#include <limits.h>
 #include <stdint.h>
 #include <string.h>
 
+#include <cryb/coverage.h>
 #include <cryb/memset_s.h>
 
 /*
@@ -42,15 +44,19 @@
  * is overwritten even if the data will never be read.
  */
 int
-cryb_memset_s(void *s, size_t smax, int c, size_t n)
+cryb_memset_s(void *d, size_t dsz, int ch, size_t n)
 {
 	unsigned int i;
 
-	if (s == NULL)
+	if (d == NULL)
 		return (EINVAL);
-	for (i = 0; i < n && i < smax; ++i)
-		((volatile unsigned char *)s)[i] = (unsigned char)c;
-	if (n > smax)
+CRYB_DISABLE_COVERAGE
+	if (dsz > SIZE_MAX || n > SIZE_MAX)
+		return (ERANGE);
+CRYB_RESTORE_COVERAGE
+	for (i = 0; i < n && i < dsz; ++i)
+		((volatile unsigned char *)d)[i] = (unsigned char)ch;
+	if (n > dsz)
 		return (EOVERFLOW);
 	return (0);
 }
diff --git a/t/t_memset_s.c b/t/t_memset_s.c
index 020d5a3..25ff0fa 100644
--- a/t/t_memset_s.c
+++ b/t/t_memset_s.c
@@ -44,8 +44,8 @@
 struct t_case {
 	const char *desc;
 	const char in[T_BUF_LEN];
-	size_t smax;
-	int c;
+	size_t dsz;
+	int ch;
 	size_t len;
 	const char out[T_BUF_LEN];
 	size_t outlen;
@@ -59,8 +59,8 @@ static struct t_case t_cases[] = {
 	{
 		.desc	= "zero",
 		.in	= "squeamish ossifrage",
-		.smax	= sizeof "squeamish ossifrage" - 1,
-		.c	= 'x',
+		.dsz	= sizeof "squeamish ossifrage" - 1,
+		.ch	= 'x',
 		.len	= 0,
 		.out	= "squeamish ossifrage",
 		.ret	= 0,
@@ -68,8 +68,8 @@ static struct t_case t_cases[] = {
 	{
 		.desc	= "short",
 		.in	= "squeamish ossifrage",
-		.smax	= sizeof "squeamish ossifrage" - 1,
-		.c	= 'x',
+		.dsz	= sizeof "squeamish ossifrage" - 1,
+		.ch	= 'x',
 		.len	= 9,
 		.out	= "xxxxxxxxx ossifrage",
 		.ret	= 0,
@@ -77,8 +77,8 @@ static struct t_case t_cases[] = {
 	{
 		.desc	= "exact",
 		.in	= "squeamish ossifrage",
-		.smax	= sizeof "squeamish ossifrage" - 1,
-		.c	= 'x',
+		.dsz	= sizeof "squeamish ossifrage" - 1,
+		.ch	= 'x',
 		.len	= sizeof "squeamish ossifrage" - 1,
 		.out	= "xxxxxxxxxxxxxxxxxxx",
 		.ret	= 0,
@@ -86,8 +86,8 @@ static struct t_case t_cases[] = {
 	{
 		.desc	= "long",
 		.in	= "squeamish ossifrage",
-		.smax	= sizeof "squeamish ossifrage" - 1,
-		.c	= 'x',
+		.dsz	= sizeof "squeamish ossifrage" - 1,
+		.ch	= 'x',
 		.len	= sizeof "squeamish ossifrage" + 1,
 		.out	= "xxxxxxxxxxxxxxxxxxx",
 		.ret	= EOVERFLOW,
@@ -104,8 +104,9 @@ t_memset_s(char **desc CRYB_UNUSED, void *arg)
 	char buf[T_BUF_LEN];
 	int ret;
 
-	memcpy(buf, t->in, T_BUF_LEN);
-	ret = memset_s(buf, t->smax, t->c, t->len);
+	memset(buf, 0, sizeof buf);
+	strncpy(buf, t->in, sizeof buf);
+	ret = memset_s(buf, t->dsz, t->ch, t->len);
 	return (t_compare_i(t->ret, ret) &
 	    t_compare_mem(t->out, buf, T_BUF_LEN));
 }