Limit write requests to at most INT_MAX.

author Tim Kientzle <kientzle@acm.org>

Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)

committer Tim Kientzle <kientzle@acm.org>

Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)
author Tim Kientzle <kientzle@acm.org>
Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)
committer Tim Kientzle <kientzle@acm.org>
Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)
diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c

index eede5e05756d2c535a8e74c866972b019186c12e..be85621508d51df04ccedb3910cfe08e0dfa5b4f 100644 (file)
--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -673,8 +673,13 @@ static ssize_t
  _archive_write_data(struct archive *_a, const void *buff, size_t s)
  {
         struct archive_write *a = (struct archive_write *)_a;
+       const size_t max_write = INT_MAX;
+
         archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
             ARCHIVE_STATE_DATA, "archive_write_data");
+       /* In particular, this catches attempts to pass negative values. */
+       if (s > max_write)
+               s = max_write;
         archive_clear_error(&a->archive);
         return ((a->format_write_data)(a, buff, s));
  }
author	Tim Kientzle <kientzle@acm.org>
	Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)
committer	Tim Kientzle <kientzle@acm.org>
	Sat, 23 Mar 2013 06:48:41 +0000 (23:48 -0700)