DeforaOS/libSystem
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Detect integer overflows when filling buffers

Browse Source
This commit is contained in:
Pierre Pronchery 2018-01-17 01:55:32 +01:00
parent f5673f6250
commit 41b454e7c4
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/buffer.c
View File

@ -101,7 +101,11 @@ int buffer_set(Buffer * buffer, size_t size, char * data)
/* buffer_set_data */
int buffer_set_data(Buffer * buffer, size_t offset, char * data, size_t size)
{
if(offset + size > buffer->size) /* FIXME integer overflow */
size_t s = offset + size;
if(s < offset && s < size)
return error_set_code(-ERANGE, "%s", strerror(ERANGE));
if(offset + size > buffer->size)
if(buffer_set_size(buffer, offset + size) != 0)
return -1;
memcpy(&buffer->data[offset], data, size);