[vlc-commits] update: fix integer overflow with signature file size
Rémi Denis-Courmont
git at videolan.org
Mon Aug 31 19:13:09 CEST 2015
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Mon Aug 31 20:12:21 2015 +0300| [76453ce4a2cee8fa189b19e8a3d9003ecdd9a0c6] | committer: Rémi Denis-Courmont
update: fix integer overflow with signature file size
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=76453ce4a2cee8fa189b19e8a3d9003ecdd9a0c6
---
src/misc/update_crypto.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/misc/update_crypto.c b/src/misc/update_crypto.c
index f22209c..97d48a0 100644
--- a/src/misc/update_crypto.c
+++ b/src/misc/update_crypto.c
@@ -38,6 +38,7 @@
#include <gcrypt.h>
#include <assert.h>
+#include <limits.h>
#include "vlc_common.h"
#include <vlc_stream.h>
@@ -941,8 +942,8 @@ public_key_t *download_key( vlc_object_t *p_this,
if( !p_stream )
return NULL;
- int64_t i_size = stream_Size( p_stream );
- if( i_size < 0 )
+ uint64_t i_size;
+ if( stream_GetSize( p_stream, &i_size ) || i_size > INT_MAX )
{
stream_Delete( p_stream );
return NULL;
More information about the vlc-commits
mailing list