mirror of
https://github.com/php/php-src.git
synced 2024-09-25 11:57:26 +00:00
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
Upstream fix 6d209c1c48
.patch
Only revelant part applied
This commit is contained in:
parent
2326401fc1
commit
52de149ebc
@ -365,10 +365,10 @@ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs,
|
||||
size_t ss = CDF_SHORT_SEC_SIZE(h);
|
||||
size_t pos = CDF_SHORT_SEC_POS(h, id);
|
||||
assert(ss == len);
|
||||
if (pos > CDF_SEC_SIZE(h) * sst->sst_len) {
|
||||
if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) {
|
||||
DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %"
|
||||
SIZE_T_FORMAT "u\n",
|
||||
pos, CDF_SEC_SIZE(h) * sst->sst_len));
|
||||
pos + len, CDF_SEC_SIZE(h) * sst->sst_len));
|
||||
return -1;
|
||||
}
|
||||
(void)memcpy(((char *)buf) + offs,
|
||||
|
Loading…
Reference in New Issue
Block a user