From: Stefan Eissing <stefan@eissing.org>
Date: Thu, 20 Nov 2025 10:40:23 +0000 (+0100)
Subject: mqtt: eliminate size_t cast
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b812be567a153ba4450d325a38e939aab94a15cc;p=thirdparty%2Fcurl.git

mqtt: eliminate size_t cast

Use new curlx_sotouz_fits() instead.

Closes #19622
---

diff --git a/lib/curlx/warnless.c b/lib/curlx/warnless.c
index a0aa5eda13..5ed27b3e4c 100644
--- a/lib/curlx/warnless.c
+++ b/lib/curlx/warnless.c
@@ -317,6 +317,22 @@ bool curlx_sztouz(ssize_t sznum, size_t *puznum)
   return TRUE;
 }
 
+bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum)
+{
+  if(sonum < 0) {
+    *puznum = 0;
+    return FALSE;
+  }
+#if SIZEOF_CURL_OFF_T > SIZEOF_SIZE_T
+  if(sonum > SIZE_MAX) {
+    *puznum = 0;
+    return FALSE;
+  }
+#endif
+  *puznum = (size_t)sonum;
+  return TRUE;
+}
+
 curl_off_t curlx_uztoso(size_t uznum)
 {
 #if SIZEOF_SIZE_T >= SIZEOF_CURL_OFF_T
diff --git a/lib/curlx/warnless.h b/lib/curlx/warnless.h
index a128f71488..c8861d8488 100644
--- a/lib/curlx/warnless.h
+++ b/lib/curlx/warnless.h
@@ -69,6 +69,10 @@ curl_off_t curlx_uztoso(size_t uznum);
 /* Convert a ssize_t to size_t, return FALSE if negative and set 0 */
 bool curlx_sztouz(ssize_t sznum, size_t *puznum);
 
+/* Convert a curl_off_t to size_t, return FALSE if negative or
+ * too large and set 0 */
+bool curlx_sotouz_fits(curl_off_t sonum, size_t *puznum);
+
 #ifdef _WIN32
 #undef  read
 #define read(fd, buf, count)  (ssize_t)_read(fd, buf, curlx_uztoui(count))
diff --git a/lib/mqtt.c b/lib/mqtt.c
index 58458a8416..9cbe800ded 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -192,7 +192,7 @@ static CURLcode mqtt_send(struct Curl_easy *data,
   if(result)
     return result;
   mq->lastTime = curlx_now();
-  Curl_debug(data, CURLINFO_HEADER_OUT, buf, (size_t)n);
+  Curl_debug(data, CURLINFO_HEADER_OUT, buf, n);
   if(len != n) {
     size_t nsend = len - n;
     if(curlx_dyn_len(&mq->sendbuf)) {
@@ -602,10 +602,11 @@ static CURLcode mqtt_publish(struct Curl_easy *data)
     DEBUGF(infof(data, "mqtt_publish without payload, return bad arg"));
     return CURLE_BAD_FUNCTION_ARGUMENT;
   }
-  if(postfieldsize < 0)
+  if(!curlx_sotouz_fits(postfieldsize, &payloadlen)) {
+    if(postfieldsize > 0) /* off_t does not fit into size_t */
+      return CURLE_BAD_FUNCTION_ARGUMENT;
     payloadlen = strlen(payload);
-  else
-    payloadlen = (size_t)postfieldsize;
+  }
 
   result = mqtt_get_topic(data, &topic, &topiclen);
   if(result)