laylo/trees
1
0
Fork 0
mirror of https://0xacab.org/liberate/trees.git synced 2024-11-22 10:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use SSIZE_MAX in trees_ostream_send_chunk() check

Browse Source 
The overflow check should use SSIZE_MAX since the function returns the
chunk_size of size_t which in theory "could be" bigger but in practice
very unlikely.

Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
This commit is contained in:
David Goulet 2017-02-17 14:24:55 -05:00
parent 5a81de94f2
commit 619b7e463a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/trees-ostream.c
View File

@ -85,7 +85,7 @@ trees_ostream_send_chunk(struct trees_ostream *sstream,
{ {
ssize_t ret; ssize_t ret;
/* Extra protection here against overflow. Maybe too agressive! */ /* Extra protection here against overflow. Maybe too agressive! */
assert(chunk_size < (SIZE_MAX - crypto_box_SEALBYTES)); assert(chunk_size < (SSIZE_MAX - crypto_box_SEALBYTES));
size_t ciphertext_len = crypto_box_SEALBYTES + chunk_size; size_t ciphertext_len = crypto_box_SEALBYTES + chunk_size;
unsigned char ciphertext[ciphertext_len]; unsigned char ciphertext[ciphertext_len];