diff options
author | Max Dymond <cmeister2@gmail.com> | 2018-01-29 10:12:40 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-01-30 17:23:34 +0100 |
commit | 3f8a727611b9fb048c407ee865e6e3a3f3150c9c (patch) | |
tree | 3513cac2b823ba7e21370749d95845496c5291f7 /lib/curl_range.c | |
parent | e04417d98f2cac095ea233a4a03e85d881e7ad7b (diff) | |
download | curl-3f8a727611b9fb048c407ee865e6e3a3f3150c9c.tar.gz |
Curl_range: add check to ensure "from <= to"
Diffstat (limited to 'lib/curl_range.c')
-rw-r--r-- | lib/curl_range.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/curl_range.c b/lib/curl_range.c index e24215f4d..849e12fd3 100644 --- a/lib/curl_range.c +++ b/lib/curl_range.c @@ -36,7 +36,6 @@ CURLcode Curl_range(struct connectdata *conn) { curl_off_t from, to; - curl_off_t totalsize = -1; char *ptr; char *ptr2; struct Curl_easy *data = conn->data; @@ -67,10 +66,16 @@ CURLcode Curl_range(struct connectdata *conn) } else { /* X-Y */ - totalsize = to-from; + curl_off_t totalsize; + + /* Ensure the range is sensible - to should follow from. */ + if(from > to) + return CURLE_RANGE_ERROR; + + totalsize = to - from; if(totalsize == CURL_OFF_T_MAX) - /* this is too big to increase, so bail out */ return CURLE_RANGE_ERROR; + data->req.maxdownload = totalsize + 1; /* include last byte */ data->state.resume_from = from; DEBUGF(infof(data, "RANGE from %" CURL_FORMAT_CURL_OFF_T |