]> granicus.if.org Git - curl/commitdiff
projects / curl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e04417d)
Curl_range: add check to ensure "from <= to"
authorMax Dymond <cmeister2@gmail.com>
Mon, 29 Jan 2018 10:12:40 +0000 (10:12 +0000)
committerDaniel Stenberg <daniel@haxx.se>
Tue, 30 Jan 2018 16:23:34 +0000 (17:23 +0100)
lib/curl_range.c patch | blob | history

diff --git a/lib/curl_range.c b/lib/curl_range.c
index e24215f4d67f3e50529767dbe19dc5d39581fb8d..849e12fd355990005639c67c6ad189ebac4f66b0 100644 (file)
--- a/lib/curl_range.c
+++ b/lib/curl_range.c
@@ -36,7 +36,6 @@
 CURLcode Curl_range(struct connectdata *conn)
 {
   curl_off_t from, to;
-  curl_off_t totalsize = -1;
   char *ptr;
   char *ptr2;
   struct Curl_easy *data = conn->data;
@@ -67,10 +66,16 @@ CURLcode Curl_range(struct connectdata *conn)
     }
     else {
       /* X-Y */
-      totalsize = to-from;
+      curl_off_t totalsize;
+
+      /* Ensure the range is sensible - to should follow from. */
+      if(from > to)
+        return CURLE_RANGE_ERROR;
+
+      totalsize = to - from;
       if(totalsize == CURL_OFF_T_MAX)
-        /* this is too big to increase, so bail out */
         return CURLE_RANGE_ERROR;
+
       data->req.maxdownload = totalsize + 1; /* include last byte */
       data->state.resume_from = from;
       DEBUGF(infof(data, "RANGE from %" CURL_FORMAT_CURL_OFF_T
Unnamed repository; edit this file 'description' to name the repository.