sum: handle EOVERFLOW for too large inputs

* src/sum.c (bsd_sum_stream): Detect overflow when updating length.
(sysv_sum_stream): Likewise.

diff --git a/src/sum.c b/src/sum.c
index 1633c86c5297b144d721c373aa66ade6c7799a21..4e1efe9e1178f6e1f3d823fd732b26918af3ba68 100644 (file)
--- a/src/sum.c
+++ b/src/sum.c
@@ -73,6 +73,11 @@ bsd_sum_stream (FILE *stream, void *resstream, uintmax_t *length)
         checksum += buffer[i];
         checksum &= 0xffff;    /* Keep it within bounds. */
       }
+    if (total_bytes + sum < total_bytes)
+      {
+        errno = EOVERFLOW;
+        goto cleanup_buffer;
+      }
     total_bytes += sum;
   }
 
@@ -84,6 +89,11 @@ final_process:;
       checksum += buffer[i];
       checksum &= 0xffff;      /* Keep it within bounds. */
     }
+  if (total_bytes + sum < total_bytes)
+    {
+      errno = EOVERFLOW;
+      goto cleanup_buffer;
+    }
   total_bytes += sum;
 
   memcpy (resstream, &checksum, sizeof checksum);
@@ -139,6 +149,11 @@ sysv_sum_stream (FILE *stream, void *resstream, uintmax_t *length)
 
     for (size_t i = 0; i < sum; i++)
       s += buffer[i];
+    if (total_bytes + sum < total_bytes)
+      {
+        errno = EOVERFLOW;
+        goto cleanup_buffer;
+      }
     total_bytes += sum;
   }
 
@@ -146,6 +161,11 @@ final_process:;
 
   for (size_t i = 0; i < sum; i++)
     s += buffer[i];
+  if (total_bytes + sum < total_bytes)
+    {
+      errno = EOVERFLOW;
+      goto cleanup_buffer;
+    }
   total_bytes += sum;
 
   int r = (s & 0xffff) + ((s & 0xffffffff) >> 16);