diff options
author | Daniel Stenberg <daniel@haxx.se> | 2022-10-13 12:00:09 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2022-10-13 17:31:51 +0200 |
commit | eef7ad157383cdaf0a49c074d4c42ec7e6f5063a (patch) | |
tree | 0f254100aad681518108f8afd4141642f14f545e /src | |
parent | b46136f9b14dbc4ed00cc92b189eaacd991a2c9f (diff) | |
download | curl-eef7ad157383cdaf0a49c074d4c42ec7e6f5063a.tar.gz |
tool_paramhelp: asserts verify maximum sizes for string loading
The two defines MAX_FILE2MEMORY and MAX_FILE2STRING define the largest
strings accepted when loading files into memory, but as the size is
later used as input to functions that take the size as 'int' as
argument, the sizes must not be larger than INT_MAX.
These two new assert()s make the code error out if someone would bump
the sizes without this consideration.
Reported-by Trail of Bits
Closes #9719
Diffstat (limited to 'src')
-rw-r--r-- | src/tool_paramhlp.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c index 3a67e7ce1..955c61da1 100644 --- a/src/tool_paramhlp.c +++ b/src/tool_paramhlp.c @@ -68,6 +68,7 @@ struct getout *new_getout(struct OperationConfig *config) ParameterError file2string(char **bufp, FILE *file) { struct curlx_dynbuf dyn; + DEBUGASSERT(MAX_FILE2STRING < INT_MAX); /* needs to fit in an int later */ curlx_dyn_init(&dyn, MAX_FILE2STRING); if(file) { char buffer[256]; @@ -94,6 +95,8 @@ ParameterError file2memory(char **bufp, size_t *size, FILE *file) if(file) { size_t nread; struct curlx_dynbuf dyn; + /* The size needs to fit in an int later */ + DEBUGASSERT(MAX_FILE2MEMORY < INT_MAX); curlx_dyn_init(&dyn, MAX_FILE2MEMORY); do { char buffer[4096]; |