[libgsf] gsf_input_read: handle numerical overflow.



commit d9fde4e5e23274cff26f31d8700254ad2ff3815f
Author: Morten Welinder <terra gnome org>
Date:   Sat Feb 23 16:18:10 2013 -0500

    gsf_input_read: handle numerical overflow.

 ChangeLog       |    4 ++++
 gsf/gsf-input.c |    2 +-
 2 files changed, 5 insertions(+), 1 deletions(-)
---
diff --git a/ChangeLog b/ChangeLog
index 2efb015..83f156b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2013-02-23  Morten Welinder  <terra gnome org>
+
+       * gsf/gsf-input.c (gsf_input_read): Detect overflow.
+
 2013-02-20  Morten Welinder  <terra gnome org>
 
        * gsf/gsf-msole-utils.c (msole_metadata_write_section): Add sanity
diff --git a/gsf/gsf-input.c b/gsf/gsf-input.c
index 97d8458..03e4605 100644
--- a/gsf/gsf-input.c
+++ b/gsf/gsf-input.c
@@ -309,7 +309,7 @@ gsf_input_read (GsfInput *input, size_t num_bytes, guint8 *optional_buffer)
 
        g_return_val_if_fail (input != NULL, NULL);
 
-       if (num_bytes == 0 || newpos > input->size)
+       if (newpos <= input->cur_offset || newpos > input->size)
                return NULL;
        res = GET_CLASS (input)->Read (input, num_bytes, optional_buffer);
        if (res == NULL)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]