Allowing 4GB on a 32-bit system is just asking for problems and could in
theory cause integer overflow in the dynbuf code.
The dynbuf now has an assert to catch code trying to set a max larger
than half SIZE_T_MAX.
Reported-by: Rinku Das
Closes #16716
{
DEBUGASSERT(s);
DEBUGASSERT(toobig);
+ DEBUGASSERT(toobig <= MAX_DYNBUF_SIZE); /* catch crazy mistakes */
s->bufr = NULL;
s->leng = 0;
s->allc = 0;
char *Curl_dyn_take(struct dynbuf *s, size_t *plen);
/* Dynamic buffer max sizes */
+#define MAX_DYNBUF_SIZE (SIZE_T_MAX/2)
+
#define DYN_DOH_RESPONSE 3000
#define DYN_DOH_CNAME 256
#define DYN_PAUSE_BUFFER (64 * 1024 * 1024)
#define DYN_PINGPPONG_CMD (64*1024)
#define DYN_IMAP_CMD (64*1024)
#define DYN_MQTT_RECV (64*1024)
+#define DYN_CRLFILE_SIZE 8000000
#endif
if(conn_config->CRLfile) {
struct dynbuf crl_contents;
- Curl_dyn_init(&crl_contents, SIZE_MAX);
+ Curl_dyn_init(&crl_contents, DYN_CRLFILE_SIZE);
if(!read_file_into(conn_config->CRLfile, &crl_contents)) {
failf(data, "rustls: failed to read revocation list file");
Curl_dyn_free(&crl_contents);
projects / thirdparty / curl.git / commitdiff
