[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wget | Subject: [PATCH] avoid triggering signed integer overflow (!1
|
From: |
Darshit Shah |
|
Subject: |
Re: wget | Subject: [PATCH] avoid triggering signed integer overflow (!13) |
|
Date: |
Sun, 27 Dec 2020 23:55:30 +0000 |
Darshit Shah started a new discussion on src/html-url.c:
https://gitlab.com/gnuwget/wget/-/merge_requests/13#note_474265234
> return;
>
> for (p = refresh; c_isdigit (*p); p++)
> - timeout = 10 * timeout + *p - '0';
> + {
> + if (timeout > INT_MAX >> 4 || *p - '0' > INT_MAX - 10 * timeout)
> + return;
I would probably set timeout to `INT_MAX` in this case. Or am I missing
something?
Also, in practice, such large timeouts should never occur. In fact, I'm
thinking we should upper bound timeouts to a `uint16_t` or something. Anything
beyond that seems absolutely unreasonable.
--
Reply to this email directly or view it on GitLab:
https://gitlab.com/gnuwget/wget/-/merge_requests/13#note_474265234
You're receiving this email because of your account on gitlab.com.
- Re: wget | Subject: [PATCH] avoid triggering signed integer overflow (!13),
Darshit Shah <=