]> andersk Git - libyaml.git/commitdiff
andersk / libyaml.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5b8859f)
yaml_stack_extend: guard against integer overflow
authorFlorian Weimer <fweimer@redhat.com>
Tue, 4 Feb 2014 00:48:01 +0000 (16:48 -0800)
committerTina Müller <cpan2@tinita.de>
Wed, 18 Jul 2018 19:56:11 +0000 (21:56 +0200)
src/api.c patch | blob | blame | history

diff --git a/src/api.c b/src/api.c
index b0afd1f5915fefffb37ddca9338af4d9425d90ab..e793b085fbb3cab94ee8cfe2169ffffcf0673b43 100644 (file)
--- a/src/api.c
+++ b/src/api.c
@@ -118,7 +118,12 @@ yaml_string_join(
 YAML_DECLARE(int)
 yaml_stack_extend(void **start, void **top, void **end)
 {
-    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
+    void *new_start;
+
+    if ((char *)*end - (char *)*start >= INT_MAX / 2)
+       return 0;
+
+    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
 
     if (!new_start) return 0;
 
Fast YAML 1.1 parser and emitter library
This page took 0.542554 seconds and 5 git commands to generate.