summaryrefslogtreecommitdiff
path: root/usr.bin/cvs/buf.c
diff options
context:
space:
mode:
authorTobias Stoeckmann <tobias@cvs.openbsd.org>2008-03-09 01:02:39 +0000
committerTobias Stoeckmann <tobias@cvs.openbsd.org>2008-03-09 01:02:39 +0000
commit4ee584d1cc651b9731066e3e7acefe60c552f17c (patch)
treeeeae4076eb31dfc43fba673c537f832fbf550a4c /usr.bin/cvs/buf.c
parentb1ad59ec695ad9aa5ca4b88bd240165911695fa8 (diff)
While allocation memory, make sure that file sizes are smaller than SIZE_MAX.
ok joris
Diffstat (limited to 'usr.bin/cvs/buf.c')
-rw-r--r--usr.bin/cvs/buf.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.bin/cvs/buf.c b/usr.bin/cvs/buf.c
index b7e274c1c86..40133545593 100644
--- a/usr.bin/cvs/buf.c
+++ b/usr.bin/cvs/buf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: buf.c,v 1.70 2008/03/08 11:53:36 joris Exp $ */
+/* $OpenBSD: buf.c,v 1.71 2008/03/09 01:02:38 tobias Exp $ */
/*
* Copyright (c) 2003 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -102,6 +102,8 @@ cvs_buf_load_fd(int fd)
if (lseek(fd, 0, SEEK_SET) == -1)
fatal("cvs_buf_load_fd: lseek: %s", strerror(errno));
+ if (st.st_size > SIZE_MAX)
+ fatal("cvs_buf_load_fd: file size too big");
buf = cvs_buf_alloc(st.st_size);
if (atomicio(read, fd, buf->cb_buf, buf->cb_size) != buf->cb_size)
fatal("cvs_buf_load_fd: read: %s", strerror(errno));