[vlc-commits] update: fix integer overflow with signature file size
Rémi Denis-Courmont
git at videolan.org
Mon Aug 31 20:10:26 CEST 2015
vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Mon Aug 31 20:12:21 2015 +0300| [707f2169642a0f7969300a79cbf1de6bb6a3b0a5] | committer: Rémi Denis-Courmont
update: fix integer overflow with signature file size
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=707f2169642a0f7969300a79cbf1de6bb6a3b0a5
---
src/misc/update_crypto.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/misc/update_crypto.c b/src/misc/update_crypto.c
index f22209c..d7cbd47 100644
--- a/src/misc/update_crypto.c
+++ b/src/misc/update_crypto.c
@@ -38,6 +38,7 @@
#include <gcrypt.h>
#include <assert.h>
+#include <limits.h>
#include "vlc_common.h"
#include <vlc_stream.h>
@@ -941,8 +942,8 @@ public_key_t *download_key( vlc_object_t *p_this,
if( !p_stream )
return NULL;
- int64_t i_size = stream_Size( p_stream );
- if( i_size < 0 )
+ uint64_t i_size;
+ if( stream_GetSize( p_stream, &i_size ) || i_size > INT_MAX )
{
stream_Delete( p_stream );
return NULL;
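Review bot: The new `i_size > INT_MAX` bound in download_key is unexplained and still accepts a server-reported size of up to about 2 GiB for a public key file. A short comment such as `/* size comes from the remote server; reject anything that cannot fit the int length used below */` would record the reason, though that reason is assumed here because the read that uses i_size is outside the hunk. A much smaller cap suited to key and signature files would bound the allocation more tightly. The same check is added in download_signature, where i_size is passed straight to `malloc( i_size )`.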
@@ -1008,9 +1009,14 @@ int download_signature( vlc_object_t *p_this, signature_packet_t *p_sig,
if( !p_stream )
return VLC_ENOMEM;
- int64_t i_size = stream_Size( p_stream );
+ uint64_t i_size;
+ if( stream_GetSize( p_stream, &i_size ) || i_size > INT_MAX )
+ {
+ stream_Delete( p_stream );
+ return NULL;
+ }
- msg_Dbg( p_this, "Downloading signature (%"PRId64" bytes)", i_size );
+ msg_Dbg( p_this, "Downloading signature (%"PRIu64" bytes)", i_size );
uint8_t *p_buf = (uint8_t*)malloc( i_size );
if( !p_buf )
{
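Review bot: The added failure branch in download_signature ends with `return NULL;`, but the function returns int and the branch just above it returns VLC_ENOMEM. Where NULL expands to 0 the caller gets the value normally used for VLC_SUCCESS even though p_sig was never filled in, which matters because this path feeds update signature verification. Where NULL expands to `(void *)0` it is an implicit pointer-to-int conversion. The branch should return an error code instead, for example `return VLC_EGENERIC;`. The function body continues past the end of the hunk.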