authortobias <tobias@openbsd.org>2015-10-18 17:32:22 +0000
committertobias <tobias@openbsd.org>2015-10-18 17:32:22 +0000
commite5ed1155a7ec71014fb992f466eb57c4854ec933 (patch)
tree19a435034375314cb5799313ec64d4a81bab66be
parentFix comments. (diff)
Avoid integer overflow with very large files.
ok millert
-rw-r--r--usr.sbin/crunchgen/crunchide.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/usr.sbin/crunchgen/crunchide.c b/usr.sbin/crunchgen/crunchide.c
index 40f8f86d8a1..eef5e38c5a5 100644
--- a/usr.sbin/crunchgen/crunchide.c
+++ b/usr.sbin/crunchgen/crunchide.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: crunchide.c,v 1.10 2015/08/20 22:39:29 deraadt Exp $ */
+/* $OpenBSD: crunchide.c,v 1.11 2015/10/18 17:32:22 tobias Exp $ */
/*
* Copyright (c) 1994 University of Maryland
@@ -58,6 +58,7 @@
#include <sys/stat.h>
#include <fcntl.h>
+#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -206,8 +207,8 @@ hide_syms(char *filename)
close(inf);
return;
}
- if (infstat.st_size < sizeof(Elf_Ehdr)) {
- fprintf(stderr, "%s: short file\n", filename);
+ if (infstat.st_size < sizeof(Elf_Ehdr) || infstat.st_size > SIZE_MAX) {
+ fprintf(stderr, "%s: invalid file size\n", filename);
close(inf);
return;
}
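Review bot: The new condition `if (infstat.st_size < sizeof(Elf_Ehdr) || infstat.st_size > SIZE_MAX)` compares a signed `off_t` with unsigned `size_t` values, so what it actually rejects depends on the platform's type widths. Where `off_t` and `size_t` are both 64 bits, `st_size` is converted to unsigned, the `> SIZE_MAX` test can never be true, and a negative size would pass the lower bound as a very large value; the check only works as written where `off_t` is wider than `size_t`. Spelling out the intent behaves the same everywhere: `if (infstat.st_size < 0 || (uintmax_t)infstat.st_size < sizeof(Elf_Ehdr) || (uintmax_t)infstat.st_size > SIZE_MAX)`. A short comment such as `/* st_size is used as a size_t below; reject anything that does not fit */` would record why the upper bound exists; that later use is presumably where the overflow occurred, but it is outside the hunk, as are the start and end of hide_syms.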