eet - fix possible integer overflow in ptr diff on parse

coverity spotted this - with silly long strings (like 1gb in size or+) it might happen. fix CID 1256196
2016-07-11 21:54:57 +09:00 · 2016-07-11 21:54:57 +09:00 · 679af3271f
parent 98a02fc17c
commit 679af3271f
1 changed files with 3 additions and 1 deletions
--- a/src/lib/eet/eet_lib.c
+++ b/src/lib/eet/eet_lib.c
@ -1757,7 +1757,9 @@ _base64_dec(const char *file, int *size_ret)
          }
        end = p;
        // go from line start to (but not including) first invalid char
-        if (((end - buf) > 0) && (((end - buf) % 4) == 0))
+        if (((end - buf) > 0) &&
+            ((end - buf) < 0x1fffffff) && // not too long
+            (((end - buf) % 4) == 0))
          {
             unsigned char *tmp = malloc((end - buf + 4) * 2);