]>
Commit | Line | Data |
---|---|---|
465bf382 AM |
1 | From c93823faef044150e1b232928d225ff5ff297e6c Mon Sep 17 00:00:00 2001 |
2 | From: Simon Arlott <sa.me.uk> | |
3 | Date: Sat, 30 Sep 2023 12:18:51 +0100 | |
4 | Subject: [PATCH] Fix integer underflow | |
5 | ||
6 | --- | |
7 | src/libspf2/spf_compile.c | 6 +++++- | |
8 | 1 file changed, 5 insertions(+), 1 deletion(-) | |
9 | ||
10 | diff --git a/src/libspf2/spf_compile.c b/src/libspf2/spf_compile.c | |
11 | index b08ffe2..d401028 100644 | |
12 | --- a/src/libspf2/spf_compile.c | |
13 | +++ b/src/libspf2/spf_compile.c | |
14 | @@ -455,7 +455,11 @@ SPF_c_parse_var(SPF_response_t *spf_response, SPF_data_var_t *data, | |
15 | /* Magic numbers for x/Nc in gdb. */ \ | |
16 | data->ds.__unused0 = 0xba; data->ds.__unused1 = 0xbe; \ | |
17 | dst = SPF_data_str( data ); \ | |
18 | - ds_avail = _avail - sizeof(SPF_data_t); \ | |
19 | + if ((_avail) < sizeof(SPF_data_t)) \ | |
20 | + return SPF_response_add_error_ptr(spf_response, \ | |
21 | + SPF_E_BIG_STRING, NULL, src, \ | |
22 | + "Out of memory for string literal");\ | |
23 | + ds_avail = (_avail) - sizeof(SPF_data_t); \ | |
24 | ds_len = 0; \ | |
25 | } while(0) | |
26 |