diff options
author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2021-06-24 14:32:38 +0200 |
---|---|---|
committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2021-06-25 15:12:41 +0200 |
commit | 64da743ffc2a7d182a78872798b5dbdca39a1b16 (patch) | |
tree | bda266891e240fda999464f995401d3aa371672f /lib/fstream/compress/bzip2.c | |
parent | e0cab1937a05d5c9740adf10613aa183eee7d99c (diff) |
libfstream: guard against potential integer overflows
The differen compressor libraries use differnt integer types to tally
the buffer sizes. The libfstream library uses size_t, which may be
bigger than the actualy types, potentially causing an overflow if
trying to compress to much at once.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Diffstat (limited to 'lib/fstream/compress/bzip2.c')
-rw-r--r-- | lib/fstream/compress/bzip2.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/fstream/compress/bzip2.c b/lib/fstream/compress/bzip2.c index 3ca425a..7f0c09a 100644 --- a/lib/fstream/compress/bzip2.c +++ b/lib/fstream/compress/bzip2.c @@ -21,7 +21,16 @@ static int flush_inbuf(ostream_comp_t *base, bool finish) int ret; bzip2->strm.next_in = (char *)base->inbuf; - bzip2->strm.avail_in = base->inbuf_used; + + if (base->inbuf_used > sizeof(base->inbuf)) + base->inbuf_used = sizeof(base->inbuf); + + if ((sizeof(size_t) > sizeof(unsigned int)) && + (base->inbuf_used > (size_t)UINT_MAX)) { + bzip2->strm.avail_in = UINT_MAX; + } else { + bzip2->strm.avail_in = (unsigned int)base->inbuf_used; + } for (;;) { bzip2->strm.next_out = (char *)base->outbuf; |