Skip to content

Commit

Permalink
Add integer overflow protection
Browse files Browse the repository at this point in the history
  • Loading branch information
@cpq
cpq committed Aug 18, 2023
1 parent 69d2ba7 commit f3617a1
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions mongoose.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1533,6 +1533,7 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
hm->body.len = 0;
hm->message.len = (size_t) req_len;
}
if (hm->message.len < (size_t) req_len) return -1; // Overflow protection

return req_len;
}
Expand Down
1 change: 1 addition & 0 deletions src/http.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -301,6 +301,7 @@ int mg_http_parse(const char *s, size_t len, struct mg_http_message *hm) {
hm->body.len = 0;
hm->message.len = (size_t) req_len;
}
if (hm->message.len < (size_t) req_len) return -1; // Overflow protection

return req_len;
}
Expand Down

0 comments on commit f3617a1

Please sign in to comment.