While allocation memory, make sure that file sizes are smaller than SIZE_MAX.

ok joris
author: tobias <tobias@openbsd.org> 2008-03-09 01:02:38 +0000
committer: tobias <tobias@openbsd.org> 2008-03-09 01:02:38 +0000
commit: fcb086e6f39abf87c8bd29d816b128ab9dabf21c (patch)
tree: 8f3de7fef1f09f06a25fd6e0994f74df99caf44d /usr.bin/cvs/logmsg.c
parent: Get README up to date: OpenCVS is linked to build now, but man pages are (diff)
download: wireguard-openbsd-fcb086e6f39abf87c8bd29d816b128ab9dabf21c.tar.xz
wireguard-openbsd-fcb086e6f39abf87c8bd29d816b128ab9dabf21c.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/cvs/logmsg.c b/usr.bin/cvs/logmsg.c
index fa2fd795a61..0445e653899 100644
--- a/usr.bin/cvs/logmsg.c
+++ b/usr.bin/cvs/logmsg.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: logmsg.c,v 1.46 2008/02/11 20:33:11 tobias Exp $	*/
+/*	$OpenBSD: logmsg.c,v 1.47 2008/03/09 01:02:38 tobias Exp $	*/
 /*
  * Copyright (c) 2007 Joris Vink <joris@openbsd.org>
  *
@@ -57,6 +57,9 @@ cvs_logmsg_read(const char *path)
 	if ((fp = fdopen(fd, "r")) == NULL)
 		fatal("cvs_logmsg_read: fdopen %s", strerror(errno));
 
+	if (st.st_size > SIZE_MAX)
+		fatal("cvs_buf_load_fd: %s: file size too big", path);
+
 	lbuf = NULL;
 	bp = cvs_buf_alloc(st.st_size);
 	while ((buf = fgetln(fp, &len))) {
author	tobias <tobias@openbsd.org>	2008-03-09 01:02:38 +0000
committer	tobias <tobias@openbsd.org>	2008-03-09 01:02:38 +0000
commit	fcb086e6f39abf87c8bd29d816b128ab9dabf21c (patch)
tree	8f3de7fef1f09f06a25fd6e0994f74df99caf44d /usr.bin/cvs/logmsg.c
parent	Get README up to date: OpenCVS is linked to build now, but man pages are (diff)
download	wireguard-openbsd-fcb086e6f39abf87c8bd29d816b128ab9dabf21c.tar.xz wireguard-openbsd-fcb086e6f39abf87c8bd29d816b128ab9dabf21c.zip