mirror of
https://github.com/moparisthebest/curl
synced 2024-12-24 09:08:49 -05:00
http: clarify header buffer size calculation
The header buffer size calculation can from static analysis seem to overlow as it performs an addition between two size_t variables and stores the result in a size_t variable. Overflow is however guarded against elsewhere since the input to the addition is regulated by the maximum read buffer size. Clarify this with a comment since the question was asked. Reviewed-by: Daniel Stenberg <daniel@haxx.se>
This commit is contained in:
parent
1853c884ef
commit
b96282010e
@ -3147,6 +3147,9 @@ static CURLcode header_append(struct Curl_easy *data,
|
|||||||
struct SingleRequest *k,
|
struct SingleRequest *k,
|
||||||
size_t length)
|
size_t length)
|
||||||
{
|
{
|
||||||
|
/* length is at most the size of a full read buffer, for which the upper
|
||||||
|
bound is CURL_MAX_READ_SIZE. There is thus no chance of overflow in this
|
||||||
|
calculation. */
|
||||||
size_t newsize = k->hbuflen + length;
|
size_t newsize = k->hbuflen + length;
|
||||||
if(newsize > CURL_MAX_HTTP_HEADER) {
|
if(newsize > CURL_MAX_HTTP_HEADER) {
|
||||||
/* The reason to have a max limit for this is to avoid the risk of a bad
|
/* The reason to have a max limit for this is to avoid the risk of a bad
|
||||||
|
Loading…
Reference in New Issue
Block a user