- Fix pythonmod script read for numeric overflow.

author W.C.A. Wijngaards <wouter@nlnetlabs.nl>

Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)

committer W.C.A. Wijngaards <wouter@nlnetlabs.nl>

Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)
author W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)
committer W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)
diff --git a/doc/Changelog b/doc/Changelog

index e1c7bdb934caad2c8676f8e575b37bcc1d399a8a..8b1f2d1cd1d74e115c2ad4029ef8a81ea2c81208 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+10 June 2026: Wouter
+       - Fix pythonmod script read for numeric overflow.
+
  9 June 2026: Wouter
         - Fix unit test for ecs to check for malloc success.
  
diff --git a/pythonmod/pythonmod.c b/pythonmod/pythonmod.c

index 7cd9a7543fdd8bac1845ad4739f05cf36582af42..1b077bb6f3c212f9a4aafd02b53463d463448720 100644 (file)
--- a/pythonmod/pythonmod.c
+++ b/pythonmod/pythonmod.c
@@ -491,6 +491,12 @@ int pythonmod_init(struct module_env* env, int id)
        /* print the error to logs too, run it again */
        fseek(script_py, 0, SEEK_END);
        flen = (size_t)ftell(script_py);
+#ifdef SIZE_MAX
+      if(flen > SIZE_MAX-2) {
+               log_err("script file too large");
+               goto fail_close_file;
+      }
+#endif
        fstr = malloc(flen+1);
        if(!fstr) {
                 log_err("malloc failure to print parse error");
author	W.C.A. Wijngaards <wouter@nlnetlabs.nl>
	Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)
committer	W.C.A. Wijngaards <wouter@nlnetlabs.nl>
	Wed, 10 Jun 2026 09:24:02 +0000 (11:24 +0200)
doc/Changelog		patch \| blob \| blame \| history
pythonmod/pythonmod.c		patch \| blob \| blame \| history