
Commit 2253154

committed
Limit write requests to at most INT_MAX.
This prevents a certain common programming error (passing -1 to write) from leading to other problems deeper in the library.
1 parent d767d79 commit 2253154


1 file changed

+5
-0
lines changed


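--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -673,8 +673,13 @@ static ssize_t
 _archive_write_data(struct archive *_a, const void *buff, size_t s)
 {
 struct archive_write *a = (struct archive_write *)_a;
+const size_t max_write = INT_MAX;
+
 archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
 ARCHIVE_STATE_DATA, "archive_write_data");
+/* In particular, this catches attempts to pass negative values. */
+if (s > max_write)
+s = max_write;
 archive_clear_error(&a->archive);
 return ((a->format_write_data)(a, buff, s));
 }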
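Review bot: The clamp at `if (s > max_write) s = max_write;` bounds the length but does not make a mistaken `-1` call safe: a caller that forwards a failed `read()` result arrives here as `(size_t)-1`, and after clamping `format_write_data` is still asked to consume `INT_MAX` bytes from `buff`, which is almost certainly far more than the caller's buffer holds. If the intent is to catch that error rather than only avoid overflow deeper in the library, consider rejecting lengths that cannot fit the `ssize_t` return type instead of truncating them, or at least state the limit in the comment, e.g. `/* Clamp to INT_MAX; a negative length cast to size_t is still written as INT_MAX bytes, so callers must check their read result first. */`. Legitimate writes above `INT_MAX` now become short writes, so the API documentation should tell callers to loop on the return value. `INT_MAX` needs `<limits.h>`, whose include is not visible in this hunk.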
