projects / packages / libspf2.git / blame
| Commit | Line | Data |
|---|---|---|
| 465bf382 AM |
1 | From c93823faef044150e1b232928d225ff5ff297e6c Mon Sep 17 00:00:00 2001 |
| 2 | From: Simon Arlott <sa.me.uk> | |
| 3 | Date: Sat, 30 Sep 2023 12:18:51 +0100 | |
| 4 | Subject: [PATCH] Fix integer underflow | |
| 5 | ||
| 6 | --- | |
| 7 | src/libspf2/spf_compile.c | 6 +++++- | |
| 8 | 1 file changed, 5 insertions(+), 1 deletion(-) | |
| 9 | ||
| 10 | diff --git a/src/libspf2/spf_compile.c b/src/libspf2/spf_compile.c | |
| 11 | index b08ffe2..d401028 100644 | |
| 12 | --- a/src/libspf2/spf_compile.c | |
| 13 | +++ b/src/libspf2/spf_compile.c | |
| 14 | @@ -455,7 +455,11 @@ SPF_c_parse_var(SPF_response_t *spf_response, SPF_data_var_t *data, | |
| 15 | /* Magic numbers for x/Nc in gdb. */ \ | |
| 16 | data->ds.__unused0 = 0xba; data->ds.__unused1 = 0xbe; \ | |
| 17 | dst = SPF_data_str( data ); \ | |
| 18 | - ds_avail = _avail - sizeof(SPF_data_t); \ | |
| 19 | + if ((_avail) < sizeof(SPF_data_t)) \ | |
| 20 | + return SPF_response_add_error_ptr(spf_response, \ | |
| 21 | + SPF_E_BIG_STRING, NULL, src, \ | |
| 22 | + "Out of memory for string literal");\ | |
| 23 | + ds_avail = (_avail) - sizeof(SPF_data_t); \ | |
| 24 | ds_len = 0; \ | |
| 25 | } while(0) | |
| 26 |