diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2019-05-20 06:14:57 -0700 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-06-24 15:00:40 +0100 |
| commit | b292c35fef2c0e509571a12f55a35e2ea30ef944 (patch) | |
| tree | a7c7a8466e9e80ec88ea48a14a639b710d89863e /deps | |
| parent | e48dbdf9a9938728c2c3e74f18a74ed7b0921958 (diff) | |
| download | libgit2-b292c35fef2c0e509571a12f55a35e2ea30ef944.tar.gz | |
http_parser: cast pointer arithmetic safely
Diffstat (limited to 'deps')
| -rw-r--r-- | deps/http-parser/http_parser.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/deps/http-parser/http_parser.c b/deps/http-parser/http_parser.c index cc53a5215..1bcd330e5 100644 --- a/deps/http-parser/http_parser.c +++ b/deps/http-parser/http_parser.c @@ -1992,6 +1992,9 @@ http_parse_host(const char * buf, struct http_parser_url *u, int found_at) { const char *p; size_t buflen = u->field_data[UF_HOST].off + u->field_data[UF_HOST].len; + if (buflen > UINT16_MAX) + return 1; + u->field_data[UF_HOST].len = 0; s = found_at ? s_http_userinfo_start : s_http_host_start; @@ -2006,21 +2009,21 @@ http_parse_host(const char * buf, struct http_parser_url *u, int found_at) { switch(new_s) { case s_http_host: if (s != s_http_host) { - u->field_data[UF_HOST].off = p - buf; + u->field_data[UF_HOST].off = (uint16_t)(p - buf); } u->field_data[UF_HOST].len++; break; case s_http_host_v6: if (s != s_http_host_v6) { - u->field_data[UF_HOST].off = p - buf; + u->field_data[UF_HOST].off = (uint16_t)(p - buf); } u->field_data[UF_HOST].len++; break; case s_http_host_port: if (s != s_http_host_port) { - u->field_data[UF_PORT].off = p - buf; + u->field_data[UF_PORT].off = (uint16_t)(p - buf); u->field_data[UF_PORT].len = 0; u->field_set |= (1 << UF_PORT); } @@ -2029,7 +2032,7 @@ http_parse_host(const char * buf, struct http_parser_url *u, int found_at) { case s_http_userinfo: if (s != s_http_userinfo) { - u->field_data[UF_USERINFO].off = p - buf ; + u->field_data[UF_USERINFO].off = (uint16_t)(p - buf); u->field_data[UF_USERINFO].len = 0; u->field_set |= (1 << UF_USERINFO); } @@ -2066,6 +2069,9 @@ http_parser_parse_url(const char *buf, size_t buflen, int is_connect, enum http_parser_url_fields uf, old_uf; int found_at = 0; + if (buflen > UINT16_MAX) + return 1; + u->port = u->field_set = 0; s = is_connect ? s_req_server_start : s_req_spaces_before_url; uf = old_uf = UF_MAX; @@ -2121,7 +2127,7 @@ http_parser_parse_url(const char *buf, size_t buflen, int is_connect, continue; } - u->field_data[uf].off = p - buf; + u->field_data[uf].off = (uint16_t)(p - buf); u->field_data[uf].len = 1; u->field_set |= (1 << uf); |