Storable 3.05_11: croak on sizes read > I32_MAX

detected by coverity: CID 165606 (#2 of 2): Untrusted value as argument (TAINTED_SCALAR) 146. tainted_data: Passing tainted variable size to a tainted sink. (cherry picked from commit 735d922) Conflicts: dist/Storable/Storable.pm
Perl · Oct 26, 2017 · 729560b · 729560b
1 parent 59125dc
commit 729560b
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/dist/Storable/Storable.xs b/dist/Storable/Storable.xs
@@ -566,6 +566,8 @@ static stcxt_t *Context_ptr = NULL;
 #define KBUFCHK(x)							\
     STMT_START {							\
         if (x >= ksiz) {                                                \
+            if (x >= I32_MAX)                                           \
+                CROAK(("Too large size > I32_MAX"));                    \
             TRACEME(("** extending kbuf to %d bytes (had %d)",          \
                      (int)(x+1), (int)ksiz));                           \
             Renew(kbuf, x+1, char);                                     \
@@ -5863,8 +5865,7 @@ static SV *retrieve_svundef_elem(pTHX_ stcxt_t *cxt, const char *cname)
  */
 static SV *retrieve_array(pTHX_ stcxt_t *cxt, const char *cname)
 {
-    I32 len;
-    I32 i;
+    I32 len, i;
     AV *av;
     SV *sv;
     HV *stash;