mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-15 18:17:32 -05:00

Tighten up a lot of casts from unsigned to int which are read by one
of the GET_32BIT macros and then used as length fields. Missing bounds
checks against zero have been added, and also I've introduced a helper
function toint() which casts from unsigned to int in such a way as to
avoid C undefined behaviour, since I'm not sure I trust compilers any
more to do the obviously sensible thing.

[originally from svn r9918]
Simon Tatham
2013-07-14 10:45:54 +00:00
parent 1662a2f6cf
commit 896bb7c74d
11 changed files with 185 additions and 70 deletions

sftp.c

@ -150,7 +150,7 @@ static int sftp_pkt_getstring(struct sftp_packet *pkt,
*p = NULL;
if (pkt->length - pkt->savedpos < 4)
return 0;
*length = GET_32BIT(pkt->data + pkt->savedpos);
*length = toint(GET_32BIT(pkt->data + pkt->savedpos));
pkt->savedpos += 4;
if ((int)(pkt->length - pkt->savedpos) < *length || *length < 0) {
*length = 0;
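
Review bot: the bounds test on the line after the changed assignment still uses a bare `(int)` cast on `pkt->length - pkt->savedpos`, which is the same unsigned-to-int pattern the commit message sets out to tighten, assuming those fields are unsigned (their types are not visible in this hunk). Consider rejecting `*length < 0` first and then comparing against the remaining byte count without the cast, or passing that difference through toint() as well. Rejection of oversized length fields now depends on toint() producing a negative result for values that do not fit in an int; a one-line comment at this call site stating that contract would make the `*length < 0` test self-explanatory to the next reader.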