Permalink
Browse files

Buffer overflow in cpc_buffer_read

  • Loading branch information...
1 parent 9decd09 commit f75d1714116aa13f4e877d5144b06dc925f241ee @kerneis committed May 25, 2012
Showing with 4 additions and 0 deletions.
  1. +4 −0 io.cpc
View
@@ -72,6 +72,10 @@ cpc_buffer_read(int fd, cpc_buffer *b, int len)
/* No need to read more data */
if(pos >= len)
return pos;
+ else if(len > b->size) {
+ errno = ENOMEM;
+ return -1;
+ }
cpc_timeout *t = cpc_timeout_get(io_timeout, 0);
cpc_condvar *c = cpc_timeout_condvar(t);

0 comments on commit f75d171

Please sign in to comment.