From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 13 Oct 2022 10:00:09 +0000 (+0200)
Subject: tool_paramhelp: asserts verify maximum sizes for string loading
X-Git-Tag: curl-7_86_0~70
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=eef7ad157383cdaf0a49c074d4c42ec7e6f5063a;p=thirdparty%2Fcurl.git

tool_paramhelp: asserts verify maximum sizes for string loading

The two defines MAX_FILE2MEMORY and MAX_FILE2STRING define the largest
strings accepted when loading files into memory, but as the size is
later used as input to functions that take the size as 'int' as
argument, the sizes must not be larger than INT_MAX.

These two new assert()s make the code error out if someone would bump
the sizes without this consideration.

Reported-by Trail of Bits

Closes #9719
---

diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 3a67e7ce13..955c61da16 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -68,6 +68,7 @@ struct getout *new_getout(struct OperationConfig *config)
 ParameterError file2string(char **bufp, FILE *file)
 {
   struct curlx_dynbuf dyn;
+  DEBUGASSERT(MAX_FILE2STRING < INT_MAX); /* needs to fit in an int later */
   curlx_dyn_init(&dyn, MAX_FILE2STRING);
   if(file) {
     char buffer[256];
@@ -94,6 +95,8 @@ ParameterError file2memory(char **bufp, size_t *size, FILE *file)
   if(file) {
     size_t nread;
     struct curlx_dynbuf dyn;
+    /* The size needs to fit in an int later */
+    DEBUGASSERT(MAX_FILE2MEMORY < INT_MAX);
     curlx_dyn_init(&dyn, MAX_FILE2MEMORY);
     do {
       char buffer[4096];