luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-09-20 01:06:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
4236672170
glib/gio/win32
History
Philip Withnall 81a454237d gwinhttpfile: Avoid arithmetic overflow when calculating a size 
The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e.
32-bit unsigned integers. Adding to and multiplying them may cause them
to overflow the unsigned integer bounds, even if the result is passed to
`g_memdup2()` which accepts a `gsize`.

Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the
arithmetic is done in terms of `gsize`s rather than unsigned integers.

Spotted by Sebastian Dröge.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Helps: #2319
2021-02-04 16:17:21 +00:00
..
gwin32filemonitor.c gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwin32filemonitor.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwin32fsmonitorutils.c tree: Fix various typos and outdated terminology 2020-06-12 15:01:08 +01:00
gwin32fsmonitorutils.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpfile.c gwinhttpfile: Avoid arithmetic overflow when calculating a size 2021-02-04 16:17:21 +00:00
gwinhttpfile.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpfileinputstream.c gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpfileinputstream.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpfileoutputstream.c gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpfileoutputstream.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
gwinhttpvfs.c gwin32: Always use unicode APIs 2021-01-05 21:42:59 +01:00
gwinhttpvfs.h gio/win32/: LGPLv2+ -> LGPLv2.1+ 2017-05-29 19:53:34 +02:00
meson.build build: Drop use of G_DISABLE_DEPRECATED from the build system 2019-05-30 10:38:45 +01:00
winhttp.h License headers: replace current FSF address by a link to gnu.org 2017-01-04 19:12:57 +01:00