moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

http: clarify header buffer size calculation

Browse Source 
The header buffer size calculation can from static analysis seem to
overlow as it performs an addition between two size_t variables and
stores the result in a size_t variable. Overflow is however guarded
against elsewhere since the input to the addition is regulated by
the maximum read buffer size. Clarify this with a comment since the
question was asked.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
This commit is contained in:
Daniel Gustafsson 2019-06-24 23:30:31 +02:00
parent 1853c884ef
commit b96282010e
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/http.c
View File

@ -3147,6 +3147,9 @@ static CURLcode header_append(struct Curl_easy *data,
struct SingleRequest *k,
size_t length)
{
/* length is at most the size of a full read buffer, for which the upper
bound is CURL_MAX_READ_SIZE. There is thus no chance of overflow in this
calculation. */
size_t newsize = k->hbuflen + length;
if(newsize > CURL_MAX_HTTP_HEADER) {
/* The reason to have a max limit for this is to avoid the risk of a bad