New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ftp_range: avoid integer overflow when figuring out byte range #2205

Closed
wants to merge 3 commits into
base: master
from

Conversation

Projects
None yet
3 participants
@cmeister2
Contributor

cmeister2 commented Dec 31, 2017

When trying to bump the value with one and the value is already at max,
it causes an integer overflow.

Detected by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4853

@cmeister2

This comment has been minimized.

Show comment
Hide comment
@cmeister2

cmeister2 Jan 2, 2018

Contributor

Travis issues are CI related and not code related.

Contributor

cmeister2 commented Jan 2, 2018

Travis issues are CI related and not code related.

Show outdated Hide outdated lib/ftp.c
@cmeister2

This comment has been minimized.

Show comment
Hide comment
@cmeister2

cmeister2 Jan 29, 2018

Contributor

Build looks fine apart from the MacOS failures which are known about.

Contributor

cmeister2 commented Jan 29, 2018

Build looks fine apart from the MacOS failures which are known about.

cmeister2 added some commits Jan 29, 2018

Show outdated Hide outdated lib/file.c
@bagder

bagder approved these changes Jan 30, 2018

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 30, 2018

Member

Hm, I'm not sure how github interpreted that but I think there should be a check of the return code but otherwise the change looks good!

Member

bagder commented Jan 30, 2018

Hm, I'm not sure how github interpreted that but I think there should be a check of the return code but otherwise the change looks good!

@cmeister2

This comment has been minimized.

Show comment
Hide comment
@cmeister2

cmeister2 Jan 30, 2018

Contributor

https://github.com/curl/curl/blob/master/lib/file.c#L517 in master doesn't do this check; is this something new that should be done?

Contributor

cmeister2 commented Jan 30, 2018

https://github.com/curl/curl/blob/master/lib/file.c#L517 in master doesn't do this check; is this something new that should be done?

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 30, 2018

Member

It's not new, but that's a flaw we can just as well correct while fixing up this code I think.

Member

bagder commented Jan 30, 2018

It's not new, but that's a flaw we can just as well correct while fixing up this code I think.

@cmeister2

This comment has been minimized.

Show comment
Hide comment
@cmeister2

cmeister2 Jan 30, 2018

Contributor

What's the desired behaviour on checking the return code? Anything other than CURLE_OK is a failure and should stop the transfer?

Contributor

cmeister2 commented Jan 30, 2018

What's the desired behaviour on checking the return code? Anything other than CURLE_OK is a failure and should stop the transfer?

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 30, 2018

Member

Right, the common pattern is to just:

   result = Curl_range(....);
   if(result)
     return result;
Member

bagder commented Jan 30, 2018

Right, the common pattern is to just:

   result = Curl_range(....);
   if(result)
     return result;
@cmeister2

This comment has been minimized.

Show comment
Hide comment
@cmeister2

cmeister2 Jan 30, 2018

Contributor

Ok, done - hope that passes the tests!

Contributor

cmeister2 commented Jan 30, 2018

Ok, done - hope that passes the tests!

@bagder

bagder approved these changes Jan 30, 2018

@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Jan 30, 2018

Member

thanks!

Member

bagder commented Jan 30, 2018

thanks!

@bagder bagder closed this in e04417d Jan 30, 2018

@lock lock bot locked as resolved and limited conversation to collaborators May 5, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.