moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

tool_cb_prg: Fix integer overflow in progress bar

Browse Source 
Commit 61faa0b420 fixed the progress bar
width calculation to avoid integer overflow, but failed to account for
the fact that initial_size is initialized to -1 when the file size is
retrieved from the remote on an upload, causing another signed integer
overflow.  Fix by separately checking for this case before the width
calculation.

Closes #3984
Reported-by: Brian Carpenter (Geeknik Labs)
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
This commit is contained in:
Daniel Gustafsson 2019-06-10 09:32:30 +02:00
parent deb9462ff2
commit 6df5f35e6a
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/tool_cb_prg.c
View File

@ -125,14 +125,19 @@ int tool_progress_cb(void *clientp,
curl_off_t total;
curl_off_t point;
/* expected transfer size */
if((CURL_OFF_T_MAX - bar->initial_size) < (dltotal + ultotal))
/* Calculate expected transfer size. initial_size can be less than zero
when indicating that we are expecting to get the filesize from the
remote */
if(bar->initial_size < 0 ||
((CURL_OFF_T_MAX - bar->initial_size) < (dltotal + ultotal)))
total = CURL_OFF_T_MAX;
else
total = dltotal + ultotal + bar->initial_size;
/* we've come this far */
if((CURL_OFF_T_MAX - bar->initial_size) < (dlnow + ulnow))
/* Calculate the current progress. initial_size can be less than zero when
indicating that we are expecting to get the filesize from the remote */
if(bar->initial_size < 0 ||
((CURL_OFF_T_MAX - bar->initial_size) < (dlnow + ulnow)))
point = CURL_OFF_T_MAX;
else
point = dlnow + ulnow + bar->initial_size;