From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 20 Dec 2012 19:20:37 +0000 (-0500)
Subject: Fix signed overflow check in k5_ucs2s_to_utf8s
X-Git-Tag: krb5-1.12-alpha1~383
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7506becc0ac70915050e097d673e7647b99347fc;p=thirdparty%2Fkrb5.git

Fix signed overflow check in k5_ucs2s_to_utf8s

Signed overflow must be checked before it happens, since modern
versions of gcc will optimize out checks of the result.  Reported by
Nickolai Zeldovich <nickolai@csail.mit.edu>.

ticket: 7511
---

diff --git a/src/util/support/utf8_conv.c b/src/util/support/utf8_conv.c
index 6e7c5880d7..d580bbc93c 100644
--- a/src/util/support/utf8_conv.c
+++ b/src/util/support/utf8_conv.c
@@ -276,10 +276,8 @@ k5_ucs2s_to_utf8s(char *utf8str, const krb5_ucs2 *ucs2str,
 #endif
 
             n = krb5int_ucs2_to_utf8(ch, NULL);
-            if (n < 1)
+            if (n < 1 || n > INT_MAX - len)
                 return -1;
-            if (len + n < len)
-                return -1; /* overflow */
             len += n;
         }