From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Wed, 10 Jun 2026 09:24:02 +0000 (+0200)
Subject: - Fix pythonmod script read for numeric overflow.
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=db1c6d655764efde9987bec7b93bfa3dfc1cb75f;p=thirdparty%2Funbound.git

- Fix pythonmod script read for numeric overflow.
---

diff --git a/doc/Changelog b/doc/Changelog
index e1c7bdb93..8b1f2d1cd 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+10 June 2026: Wouter
+	- Fix pythonmod script read for numeric overflow.
+
 9 June 2026: Wouter
 	- Fix unit test for ecs to check for malloc success.
 
diff --git a/pythonmod/pythonmod.c b/pythonmod/pythonmod.c
index 7cd9a7543..1b077bb6f 100644
--- a/pythonmod/pythonmod.c
+++ b/pythonmod/pythonmod.c
@@ -491,6 +491,12 @@ int pythonmod_init(struct module_env* env, int id)
       /* print the error to logs too, run it again */
       fseek(script_py, 0, SEEK_END);
       flen = (size_t)ftell(script_py);
+#ifdef SIZE_MAX
+      if(flen > SIZE_MAX-2) {
+		log_err("script file too large");
+		goto fail_close_file;
+      }
+#endif
       fstr = malloc(flen+1);
       if(!fstr) {
 		log_err("malloc failure to print parse error");