[libbluray-devel] file_posix: fixed integer overflows and problems with signed -> unsigned conversions.

[hpi1]

libbluray | branch: master | hpi1 <hpi1 at anonymous.org> | Mon Jan 21 13:15:33 2013 +0200| [911b58082a5f9dbb16c1f3b246ec6ddf8ba0365c] | committer: hpi1

file_posix: fixed integer overflows and problems with signed -> unsigned conversions.
Be noisy when someone tries to read/write with invalid size.

> http://git.videolan.org/gitweb.cgi/libbluray.git/?a=commit;h=911b58082a5f9dbb16c1f3b246ec6ddf8ba0365c
---

 src/file/file_posix.c |   17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/src/file/file_posix.c b/src/file/file_posix.c
index 1016b24..7697a72 100644
--- a/src/file/file_posix.c
+++ b/src/file/file_posix.c
@@ -33,6 +33,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <inttypes.h>
 
 #ifdef WIN32
 #include <windows.h>
@@ -74,14 +75,26 @@ static int file_eof_linux(BD_FILE_H *file)
     return feof((FILE *)file->internal);
 }
 
+#define BD_MAX_SSIZE ((int64_t)(((size_t)-1)>>1))
+
 static int64_t file_read_linux(BD_FILE_H *file, uint8_t *buf, int64_t size)
 {
-    return fread(buf, 1, size, (FILE *)file->internal);
+    if (size > 0 && size < BD_MAX_SSIZE) {
+        return (int64_t)fread(buf, 1, (size_t)size, (FILE *)file->internal);
+    }
+
+    BD_DEBUG(DBG_FILE | DBG_CRIT, "Ignoring invalid read of size %"PRId64" (%p)\n", size, file);
+    return 0;
 }
 
 static int64_t file_write_linux(BD_FILE_H *file, const uint8_t *buf, int64_t size)
 {
-    return fwrite(buf, 1, size, (FILE *)file->internal);
+    if (size > 0 && size < BD_MAX_SSIZE) {
+        return (int64_t)fwrite(buf, 1, (size_t)size, (FILE *)file->internal);
+    }
+
+    BD_DEBUG(DBG_FILE | DBG_CRIT, "Ignoring invalid write of size %"PRId64" (%p)\n", size, file);
+    return 0;
 }
 
 static BD_FILE_H *file_open_linux(const char* filename, const char *mode)