commit 3609b47d0d3af4279f5b9988a92dd47c4a06a777
parent 945cb23311f465794117121580c362dc5f67de83
Author: sin <sin@2f30.org>
Date: Wed, 27 Feb 2019 09:42:00 +0000
Some more overflow checks
Diffstat:
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/types.c b/types.c
@@ -156,8 +156,14 @@ write_snapshot(int fd, struct snapshot *snap)
snprintf(fmt, sizeof(fmt), "q'%d'%dq", MSGSIZE, MDSIZE);
- snap->size = SNAPHDR_LEN;
- snap->size += snap->nr_blk_descs * BLKDESC_LEN;
+ if (mul_overflow(snap->nr_blk_descs, BLKDESC_LEN))
+ errx(1, "write_snapshot: overflow");
+ snap->size = snap->nr_blk_descs * BLKDESC_LEN;
+
+ if (add_overflow(SNAPHDR_LEN, snap->size))
+ errx(1, "write_snapshot: overflow");
+ snap->size += SNAPHDR_LEN;
+
n = pack(buf, fmt,
snap->size,
snap->msg,
