mirror of
https://github.com/moparisthebest/curl
synced 2025-01-11 05:58:01 -05:00
vauth/cleartext: fix integer overflow check
Make the integer overflow check not rely on the undefined behavior that a size_t wraps around on overflow. Detected by lgtm.com Closes #2408
This commit is contained in:
parent
f623ad65e8
commit
c1366571b6
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -646,15 +646,6 @@ CURLcode Curl_hmac_md5(const unsigned char *key, unsigned int keylen,
|
|||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef SIZE_T_MAX
|
|
||||||
/* some limits.h headers have this defined, some don't */
|
|
||||||
#if defined(SIZEOF_SIZE_T) && (SIZEOF_SIZE_T > 4)
|
|
||||||
#define SIZE_T_MAX 18446744073709551615U
|
|
||||||
#else
|
|
||||||
#define SIZE_T_MAX 4294967295U
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This creates the NTLMv2 hash by using NTLM hash as the key and Unicode
|
/* This creates the NTLMv2 hash by using NTLM hash as the key and Unicode
|
||||||
* (uppercase UserName + Domain) as the data
|
* (uppercase UserName + Domain) as the data
|
||||||
*/
|
*/
|
||||||
|
@ -447,6 +447,15 @@
|
|||||||
# endif
|
# endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef SIZE_T_MAX
|
||||||
|
/* some limits.h headers have this defined, some don't */
|
||||||
|
#if defined(SIZEOF_SIZE_T) && (SIZEOF_SIZE_T > 4)
|
||||||
|
#define SIZE_T_MAX 18446744073709551615U
|
||||||
|
#else
|
||||||
|
#define SIZE_T_MAX 4294967295U
|
||||||
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Arg 2 type for gethostname in case it hasn't been defined in config file.
|
* Arg 2 type for gethostname in case it hasn't been defined in config file.
|
||||||
*/
|
*/
|
||||||
|
@ -5,7 +5,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -73,16 +73,10 @@ CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
|
|||||||
ulen = strlen(userp);
|
ulen = strlen(userp);
|
||||||
plen = strlen(passwdp);
|
plen = strlen(passwdp);
|
||||||
|
|
||||||
/* Compute binary message length, checking for overflows. */
|
/* Compute binary message length. Check for overflows. */
|
||||||
plainlen = 2 * ulen;
|
if((ulen > SIZE_T_MAX/2) || (plen > (SIZE_T_MAX/2 - 2)))
|
||||||
if(plainlen < ulen)
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
|
||||||
plainlen += plen;
|
|
||||||
if(plainlen < plen)
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
|
||||||
plainlen += 2;
|
|
||||||
if(plainlen < 2)
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
plainlen = 2 * ulen + plen + 2;
|
||||||
|
|
||||||
plainauth = malloc(plainlen);
|
plainauth = malloc(plainlen);
|
||||||
if(!plainauth)
|
if(!plainauth)
|
||||||
|
Loading…
Reference in New Issue
Block a user