Date: Tue, 3 Nov 2015 17:27:25 +0000 (UTC) From: "Andrey A. Chernov" <ache@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r290336 - head/usr.bin/bsdiff/bsdiff Message-ID: <201511031727.tA3HRP76012862@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ache Date: Tue Nov 3 17:27:24 2015 New Revision: 290336 URL: https://svnweb.freebsd.org/changeset/base/290336 Log: Check for (old|new)size + 1 overflows off_t. PR: 204230 MFC after: 1 week Modified: head/usr.bin/bsdiff/bsdiff/bsdiff.c Modified: head/usr.bin/bsdiff/bsdiff/bsdiff.c ============================================================================== --- head/usr.bin/bsdiff/bsdiff/bsdiff.c Tue Nov 3 12:37:55 2015 (r290335) +++ head/usr.bin/bsdiff/bsdiff/bsdiff.c Tue Nov 3 17:27:24 2015 (r290336) @@ -237,7 +237,8 @@ int main(int argc,char *argv[]) err(1, "%s", argv[1]); if (oldsize > SSIZE_MAX || - (uintmax_t)oldsize >= SIZE_T_MAX / sizeof(off_t)) { + (uintmax_t)oldsize >= SIZE_T_MAX / sizeof(off_t) || + oldsize == OFF_MAX) { errno = EFBIG; err(1, "%s", argv[1]); } @@ -260,7 +261,8 @@ int main(int argc,char *argv[]) ((newsize=lseek(fd,0,SEEK_END))==-1)) err(1, "%s", argv[2]); - if (newsize > SSIZE_MAX || (uintmax_t)newsize >= SIZE_T_MAX) { + if (newsize > SSIZE_MAX || (uintmax_t)newsize >= SIZE_T_MAX || + newsize == OFF_MAX) { errno = EFBIG; err(1, "%s", argv[2]); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201511031727.tA3HRP76012862>