strtoofft: reduce integer overflow risks globally

... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
author: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:23 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:41 +0200
commit: ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree: 6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/imap.c
parent: b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)
download: curl-ff50fe0348466cae1a9f9f759b362c03f7060c34.tar.gz
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/imap.c b/lib/imap.c
index 48af2902a..bc20110c2 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -1070,10 +1070,11 @@ static CURLcode imap_state_fetch_resp(struct connectdata *conn, int imapcode,
 
   if(*ptr == '{') {
     char *endptr;
-    size = curlx_strtoofft(ptr + 1, &endptr, 10);
-    if(endptr - ptr > 1 && endptr[0] == '}' &&
-       endptr[1] == '\r' && endptr[2] == '\0')
-      parsed = TRUE;
+    if(!curlx_strtoofft(ptr + 1, &endptr, 10, &size)) {
+      if(endptr - ptr > 1 && endptr[0] == '}' &&
+         endptr[1] == '\r' && endptr[2] == '\0')
+        parsed = TRUE;
+    }
   }
 
   if(parsed) {
author	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:23 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:41 +0200
commit	ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree	6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/imap.c
parent	b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)
download	curl-ff50fe0348466cae1a9f9f759b362c03f7060c34.tar.gz