libfdisk: (gpt) care about SSIZE_MAX for read(2)

read(2) behavior is undefined if you want to read more  than SSIZE_MAX
bytes. Let's be paranoid and check for this...

Reported-by: Ruediger Meier <sweet_f_a@gmx.de>
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/libfdisk/src/gpt.c b/libfdisk/src/gpt.c
index 047ba59c6a7cce3381f81ba594abab44f4706d12..36198c3bdea3c8ba38537aa39264ed1b769cb9e1 100644 (file)
--- a/libfdisk/src/gpt.c
+++ b/libfdisk/src/gpt.c
@@ -874,6 +874,11 @@ static unsigned char *gpt_read_entries(struct fdisk_context *cxt,
        if (gpt_sizeof_ents(header, &sz))
                return NULL;
 
+       if (sz > (size_t) SSIZE_MAX) {
+               DBG(LABEL, ul_debug("GPT entries array too large to read()"));
+               return NULL;
+       }
+
        ret = calloc(1, sz);
        if (!ret)
                return NULL;