- (djm) [sftp-client.c] signed/unsigned comparison fix

author Damien Miller <djm@mindrot.org>

Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)

committer Damien Miller <djm@mindrot.org>

Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)
author Damien Miller <djm@mindrot.org>
Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)
committer Damien Miller <djm@mindrot.org>
Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)
diff --git a/ChangeLog b/ChangeLog

index 880763a7dfbcf4d9bfab9887cc8ea56f70e84d7a..ada012fb86d6bd44dede917d2f41d763327c00ed 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@
     hardening flags including -fstack-protector-strong.  These default to on
     if the toolchain supports them, but there is a configure-time knob
     (--without-hardening) to disable them if necessary.  ok djm@
+ - (djm) [sftp-client.c] signed/unsigned comparison fix
  
  20140118
   - (djm) OpenBSD CVS Sync
diff --git a/sftp-client.c b/sftp-client.c

index cb4e0c4b1aa69368aba678e980e37f61645ed085..e3c6308379a9cbaaf18b50fe54029bf6d7b1114c 100644 (file)
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1104,7 +1104,11 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path,
                             local_path, strerror(errno));
                         goto fail;
                 }
-               if (st.st_size > size) {
+               if (st.st_size < 0) {
+                       error("\"%s\" has negative size", local_path);
+                       goto fail;
+               }
+               if ((u_int64_t)st.st_size > size) {
                         error("Unable to resume download of \"%s\": "
                             "local file is larger than remote", local_path);
   fail:
author	Damien Miller <djm@mindrot.org>
	Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)
committer	Damien Miller <djm@mindrot.org>
	Fri, 17 Jan 2014 00:20:26 +0000 (11:20 +1100)
ChangeLog		patch \| blob \| blame \| history
sftp-client.c		patch \| blob \| blame \| history