PR/323: Tobias Stoeckmann: Add size_t overflow check for stat.

author Christos Zoulas <christos@zoulas.com>

Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)

committer Christos Zoulas <christos@zoulas.com>

Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)
author Christos Zoulas <christos@zoulas.com>
Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)
committer Christos Zoulas <christos@zoulas.com>
Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)
diff --git a/src/apprentice.c b/src/apprentice.c

index ffea5e60c25f7e577e3671a83e7f3c7820e1a101..78283820658a2a44dc746eb757199434fa318cb3 100644 (file)
--- a/src/apprentice.c
+++ b/src/apprentice.c
@@ -32,7 +32,7 @@
  #include "file.h"
  
  #ifndef        lint
-FILE_RCSID("@(#)$File: apprentice.c,v 1.195 2013/09/12 15:57:32 christos Exp $")
+FILE_RCSID("@(#)$File: apprentice.c,v 1.196 2013/11/19 21:01:12 christos Exp $")
  #endif /* lint */
  
  #include "magic.h"
@@ -48,6 +48,13 @@ FILE_RCSID("@(#)$File: apprentice.c,v 1.195 2013/09/12 15:57:32 christos Exp $")
  #include <sys/mman.h>
  #endif
  #include <dirent.h>
+#if defined(HAVE_LIMITS_H)
+#include <limits.h>
+#endif
+
+#ifndef SIZE_MAX
+#define SIZE_MAX        ((size_t)~0)
+#endif
  
  #define        EATAB {while (isascii((unsigned char) *l) && \
                       isspace((unsigned char) *l))  ++l;}
@@ -2601,8 +2608,9 @@ apprentice_map(struct magic_set *ms, const char *fn)
                 file_error(ms, errno, "cannot stat `%s'", dbname);
                 goto error;
         }
-       if (st.st_size < 8) {
-               file_error(ms, 0, "file `%s' is too small", dbname);
+       if (st.st_size < 8 || st.st_size > SIZE_MAX) {
+               file_error(ms, 0, "file `%s' is too %s", dbname,
+                   st.st_size > SIZE_MAX ? "large" : "small");
                 goto error;
         }
author	Christos Zoulas <christos@zoulas.com>
	Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)
committer	Christos Zoulas <christos@zoulas.com>
	Thu, 6 Mar 2014 16:16:56 +0000 (16:16 +0000)