mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2025-02-05 10:38:08 +01:00
81a454237d
The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e. 32-bit unsigned integers. Adding to and multiplying them may cause them to overflow the unsigned integer bounds, even if the result is passed to `g_memdup2()` which accepts a `gsize`. Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the arithmetic is done in terms of `gsize`s rather than unsigned integers. Spotted by Sebastian Dröge. Signed-off-by: Philip Withnall <pwithnall@endlessos.org> Helps: #2319