From c5f04a58fc2aeea6296ca7c44ee4734c18401aa3 Mon Sep 17 00:00:00 2001
From: Howard Chu
Date: Sat, 30 Mar 2019 21:33:00 +0000
Subject: [PATCH] Reject Content-Length over 2^31

Nobody's going to sit around waiting for > 2GB to download in one chunk
---
 librtmp/hashswf.c | 2 +-
 librtmp/rtmp.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/librtmp/hashswf.c b/librtmp/hashswf.c
index 6a2daf1..32b2eed 100644
--- a/librtmp/hashswf.c
+++ b/librtmp/hashswf.c
@@ -245,7 +245,7 @@ HTTP_get(struct HTTP_ctx *http, const char *url, HTTP_read_callback *cb)
 (sb.sb_start, "Content-Length: ", sizeof("Content-Length: ") - 1))
 {
 flen = strtol(sb.sb_start + sizeof("Content-Length: ") - 1, NULL, 10);
- if (flen < 0 || ((flen == LONG_MAX || flen == LONG_MIN) && errno == ERANGE))
+ if (flen < 1 || flen > INT_MAX)
 {
 ret = HTTPRES_BAD_REQUEST;
 goto leave;
diff --git a/librtmp/rtmp.c b/librtmp/rtmp.c
index 4cbb711..0865689 100644
--- a/librtmp/rtmp.c
+++ b/librtmp/rtmp.c
@@ -4456,7 +4456,7 @@ restart:
 if (!ptr)
 return -1;
 hlen = strtol(ptr+16, NULL, 10);
- if (hlen < 1 || ((hlen == LONG_MIN || hlen == LONG_MAX) && errno == ERANGE))
+ if (hlen < 1 || hlen > INT_MAX)
 return -1;
 ptr = strstr(ptr+16, "\r\n\r\n");
 if (!ptr)
--
2.50.0
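Review bot: The new bound `flen > INT_MAX` in HTTP_get can only reject a value on targets where `long` is wider than `int`; where `long` is 32 bits, `strtol` saturates an oversized Content-Length to `LONG_MAX`, which equals `INT_MAX`, and with the `ERANGE` test removed that value now passes as a valid length. The same applies to `hlen > INT_MAX` in the librtmp/rtmp.c hunk. I would set `errno = 0;` before each `strtol` call and test `if (errno == ERANGE || flen < 1 || flen > INT_MAX)`, which gives the same result on both data models. This assumes `flen` and `hlen` are declared `long`; both declarations, and the rest of each function, are outside the hunks. Separately, tightening `flen < 0` to `flen < 1` makes a `Content-Length: 0` response return `HTTPRES_BAD_REQUEST`, which the commit message does not mention and which deserves a short comment if intended.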