libbluray | branch: master | hpi1 <[email protected]> | Mon Jan 21 13:15:33 2013 +0200| [911b58082a5f9dbb16c1f3b246ec6ddf8ba0365c] | committer: hpi1
file_posix: fixed integer overflows and problems with signed -> unsigned conversions. Be noisy when someone tries to read/write with invalid size. > http://git.videolan.org/gitweb.cgi/libbluray.git/?a=commit;h=911b58082a5f9dbb16c1f3b246ec6ddf8ba0365c --- src/file/file_posix.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/file/file_posix.c b/src/file/file_posix.c index 1016b24..7697a72 100644 --- a/src/file/file_posix.c +++ b/src/file/file_posix.c @@ -33,6 +33,7 @@ #include <stdio.h> #include <stdlib.h> +#include <inttypes.h> #ifdef WIN32 #include <windows.h> @@ -74,14 +75,26 @@ static int file_eof_linux(BD_FILE_H *file) return feof((FILE *)file->internal); } +#define BD_MAX_SSIZE ((int64_t)(((size_t)-1)>>1)) + static int64_t file_read_linux(BD_FILE_H *file, uint8_t *buf, int64_t size) { - return fread(buf, 1, size, (FILE *)file->internal); + if (size > 0 && size < BD_MAX_SSIZE) { + return (int64_t)fread(buf, 1, (size_t)size, (FILE *)file->internal); + } + + BD_DEBUG(DBG_FILE | DBG_CRIT, "Ignoring invalid read of size %"PRId64" (%p)\n", size, file); + return 0; } static int64_t file_write_linux(BD_FILE_H *file, const uint8_t *buf, int64_t size) { - return fwrite(buf, 1, size, (FILE *)file->internal); + if (size > 0 && size < BD_MAX_SSIZE) { + return (int64_t)fwrite(buf, 1, (size_t)size, (FILE *)file->internal); + } + + BD_DEBUG(DBG_FILE | DBG_CRIT, "Ignoring invalid write of size %"PRId64" (%p)\n", size, file); + return 0; } static BD_FILE_H *file_open_linux(const char* filename, const char *mode) _______________________________________________ libbluray-devel mailing list [email protected] http://mailman.videolan.org/listinfo/libbluray-devel
