[27452] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix signed overflow check in k5_ucs2s_to_utf8s
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Dec 20 14:29:53 2012
Date: Thu, 20 Dec 2012 14:29:37 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201212201929.qBKJTbeo009720@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/7506becc0ac70915050e097d673e7647b99347fc
commit 7506becc0ac70915050e097d673e7647b99347fc
Author: Greg Hudson <ghudson@mit.edu>
Date: Thu Dec 20 14:20:37 2012 -0500
Fix signed overflow check in k5_ucs2s_to_utf8s
Signed overflow must be checked before it happens, since modern
versions of gcc will optimize out checks of the result. Reported by
Nickolai Zeldovich <nickolai@csail.mit.edu>.
ticket: 7511
src/util/support/utf8_conv.c | 4 +---
1 files changed, 1 insertions(+), 3 deletions(-)
diff --git a/src/util/support/utf8_conv.c b/src/util/support/utf8_conv.c
index 6e7c588..d580bbc 100644
--- a/src/util/support/utf8_conv.c
+++ b/src/util/support/utf8_conv.c
@@ -276,10 +276,8 @@ k5_ucs2s_to_utf8s(char *utf8str, const krb5_ucs2 *ucs2str,
#endif
n = krb5int_ucs2_to_utf8(ch, NULL);
- if (n < 1)
+ if (n < 1 || n > INT_MAX - len)
return -1;
- if (len + n < len)
- return -1; /* overflow */
len += n;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
