On Tue, 10 Mar 2015, Gabriel Grebenar (1&1) wrote:

> In version 7.35 my program failed in chunk parser function
> Curl_httpchunk_read() with error message "Problem (2) in the
> Chunked-Encoded data".
> This problem was fixed in version 7.36

Right, that was a regression introduced in 7.35.0 that we fixed in 7.36.0.

> by statement "if((ch->datasize ==
> CURL_OFF_T_MAX) && (errno == ERANGE))", but what about datasize value
> CURL_OFF_T_MIN which was not checked?

How exactly can you get an underflow when parsing a hex number there? What
input would need this added check?

> ch->datasize=curlx_strtoofft(ch->hexbuffer, &endptr, 16);
> if(errno == ERANGE)
>   /* overflow is an error */
>   return CHUNKE_ILLEGAL_HEX;

No can do, this gives false positives because the libc functions aren't
obliged to clear errno when things go well so there's a risk a previous
function call somewhere set errno and it would trigger this condition.
--
/ daniel.haxx.se
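
Added example, not part of the original message or of curl's source: the false positive described above, next to a check that pairs errno with the saturated return value. It uses the standard `strtoll` as a stand-in for `curlx_strtoofft`; the function names and result codes are hypothetical.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical result codes for this example (not curl's CHUNKE_* values). */
enum { HEX_OK = 0, HEX_ILLEGAL = 1 };

/* errno-only check: trusts whatever value errno already holds. */
static int parse_naive(const char *hex, long long *out)
{
  char *end;
  *out = strtoll(hex, &end, 16);
  if(errno == ERANGE)
    return HEX_ILLEGAL;
  return HEX_OK;
}

/* Clear errno first, then require ERANGE together with a saturated result. */
static int parse_checked(const char *hex, long long *out)
{
  char *end;
  errno = 0;
  *out = strtoll(hex, &end, 16);
  if(end == hex)
    return HEX_ILLEGAL; /* no hex digits consumed */
  /* strtoll saturates at LLONG_MAX or LLONG_MIN on a range error */
  if(errno == ERANGE && (*out == LLONG_MAX || *out == LLONG_MIN))
    return HEX_ILLEGAL;
  return HEX_OK;
}

/* Simulates an earlier, unrelated library call that left errno set. */
static void leave_stale_errno(void)
{
  errno = ERANGE;
}

int main(void)
{
  long long n;
  leave_stale_errno();
  printf("naive,   \"1a\" after stale errno: %d\n", parse_naive("1a", &n));
  leave_stale_errno();
  printf("checked, \"1a\" after stale errno: %d\n", parse_checked("1a", &n));
  printf("checked, oversized chunk size:   %d\n",
         parse_checked("ffffffffffffffffffff", &n)); /* constructed input */
  return 0;
}
```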