Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tool_paramhelp: asserts verify maximum sizes for string loading #9719

Closed
wants to merge 1 commit into from

Conversation

bagder
Copy link
Member

@bagder bagder commented Oct 13, 2022

The two defines MAX_FILE2MEMORY and MAX_FILE2STRING define the largest strings accepted when loading files into memory, but as the size is later used as input to functions that take the size as 'int' as argument, the sizes must not be larger than INT_MAX.

These two new assert()s make the code error out if someone would bump the sizes without this consideration.

Reported-by Trail of Bits

The two defines MAX_FILE2MEMORY and MAX_FILE2STRING define the largest
strings accepted when loading files into memory, but as the size is
later used as input to functions that take the size as 'int' as
argument, the sizes must not be larger than INT_MAX.

These two new assert()s make the code error out if someone would bump
the sizes without this consideration.

Reported-by Trail of Bits
@bagder bagder closed this in eef7ad1 Oct 13, 2022
@bagder bagder deleted the bagder/fil2mem-sizes branch Oct 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant