From: Jim Meyering Date: Tue, 3 Nov 2009 17:55:21 +0000 (+0100) Subject: hivex: fail upon integer overflow X-Git-Tag: 1.1.0~76 X-Git-Url: http://git.annexia.org/?a=commitdiff_plain;h=68c045361e7cce81c704ae76f604c98fe4ded8fe;p=hivex.git hivex: fail upon integer overflow * hivex/hivex.c (windows_utf16_to_utf8): Avoid overflow and a potential infloop. --- diff --git a/hivex/hivex.c b/hivex/hivex.c index 4fa3b30..ac46346 100644 --- a/hivex/hivex.c +++ b/hivex/hivex.c @@ -1033,9 +1033,12 @@ windows_utf16_to_utf8 (/* const */ char *input, size_t len) size_t r = iconv (ic, &inp, &inlen, &outp, &outlen); if (r == (size_t) -1) { if (errno == E2BIG) { + size_t prev = outalloc; /* Try again with a larger output buffer. */ free (out); outalloc *= 2; + if (outalloc < prev) + return NULL; goto again; } else {