diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-03-17 18:48:01 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-03-17 18:48:01 +0100 |
| commit | c5384931b7ded71a256dc1bef80b00586b880186 (patch) | |
| tree | 3ef2b29145e79ca7b2eb9d6ec3e8f6ba0a36647e /src | |
| parent | fileio: don't use realloc() in read_full_virtual_file() (diff) | |
| download | systemd-c5384931b7ded71a256dc1bef80b00586b880186.tar.xz systemd-c5384931b7ded71a256dc1bef80b00586b880186.zip | |
fileio: add missing overflow checks to read_full_virtual_file()
given the source is trusted this is probably not a biggie, but let's
better be safe than sorry.
Diffstat (limited to 'src')
| -rw-r--r-- | src/basic/fileio.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/basic/fileio.c b/src/basic/fileio.c index f3a28398b7..6e42b60c3f 100644 --- a/src/basic/fileio.c +++ b/src/basic/fileio.c @@ -404,10 +404,14 @@ int read_full_virtual_file(const char *filename, char **ret_contents, size_t *re /* Be prepared for files from /proc which generally report a file size of 0. */ if (st.st_size > 0) { + if (st.st_size > SSIZE_MAX) /* safety check in case off_t is 64bit and size_t 32bit */ + return -E2BIG; + size = st.st_size; n_retries--; } else - size = size * 2; + /* Double the buffer size (saturate in case of overflow) */ + size = size > SSIZE_MAX / 2 ? SSIZE_MAX : size * 2; if (size > READ_FULL_BYTES_MAX) return -E2BIG; |