From: Stefan Eissing <stefan@eissing.org>
Date: Fri, 26 Jul 2024 08:38:45 +0000 (+0200)
Subject: transfer: speed limiting fix for 32bit systems
X-Git-Tag: curl-8_9_1~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fc273027f16df2dd1eb66ffc7df417f605199e35;p=thirdparty%2Fcurl.git

transfer: speed limiting fix for 32bit systems

When checking if a speed limit on receives applies, compare the receive
sizes using the large int type to prevent an overflow on systems where
size_t is 32bit.

Fixes #14272
Reported-by: Mamoru Tasaka
Closes #14277
---

diff --git a/lib/transfer.c b/lib/transfer.c
index 8d21305ae4..6c95a47196 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -281,13 +281,13 @@ static CURLcode readwrite_data(struct Curl_easy *data,
     buf = xfer_buf;
     bytestoread = xfer_blen;
 
-    if(bytestoread && data->set.max_recv_speed) {
+    if(bytestoread && data->set.max_recv_speed > 0) {
       /* In case of speed limit on receiving: if this loop already got
        * data, break out. If not, limit the amount of bytes to receive.
        * The overall, timed, speed limiting is done in multi.c */
       if(total_received)
         break;
-      if((size_t)data->set.max_recv_speed < bytestoread)
+      if(data->set.max_recv_speed < (curl_off_t)bytestoread)
         bytestoread = (size_t)data->set.max_recv_speed;
     }