Mercurial > dovecot > original-hg > dovecot-1.2

changeset 4865:a69ab82d7346 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Check against offset/size overflows.
author Timo Sirainen <tss@iki.fi>
date Sun, 03 Dec 2006 17:09:37 +0200
parents 29d665ef8787
children 4ec6ceb0934a
files src/lib/file-cache.c
diffstat 1 files changed, 4 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib/file-cache.c	Sun Dec 03 16:35:07 2006 +0200
+++ b/src/lib/file-cache.c	Sun Dec 03 17:09:37 2006 +0200
@@ -99,6 +99,8 @@
 		   doesn't have to deal with any extra checks. */
 		size = SSIZE_T_MAX;
 	}
+	if (offset >= (uoff_t)-1 - size)
+		size = (uoff_t)-1 - offset;
 
 	if (offset + size > cache->mmap_length &&
 	    offset + size - cache->mmap_length > 1024*1024) {
@@ -221,6 +223,8 @@
 	unsigned char *bits;
 	unsigned int first_page, last_page;
 
+	i_assert(size < (uoff_t)-1 && offset < (uoff_t)-1 - size);
+
 	if (file_cache_set_size(cache, offset + size) < 0) {
 		/* couldn't grow mapping. just make sure the written memory
 		   area is invalidated then. */