| taken from Fedora |
| |
| From 604b607d8ac91eb8afc0b6e3d917d5c073096103 Mon Sep 17 00:00:00 2001 |
| From: Phillip Lougher <phillip@squashfs.org.uk> |
| Date: Wed, 11 Jun 2014 04:51:37 +0100 |
| Subject: mksquashfs: ensure value does not overflow a signed int in -mem |
| option |
| |
| Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk> |
| |
| diff --git a/squashfs-tools/mksquashfs.c b/squashfs-tools/mksquashfs.c |
| index 5370ecf..9676dc8 100644 |
| --- a/squashfs-tools/mksquashfs.c |
| +++ b/squashfs-tools/mksquashfs.c |
| @@ -5193,7 +5193,16 @@ print_compressor_options: |
| argv[0]); |
| exit(1); |
| } |
| - /* convert from bytes to Mbytes */ |
| + |
| + /* |
| + * convert from bytes to Mbytes, ensuring the value |
| + * does not overflow a signed int |
| + */ |
| + if(number >= (1LL << 51)) { |
| + ERROR("%s: -mem invalid mem size\n", argv[0]); |
| + exit(1); |
| + } |
| + |
| total_mem = number / 1048576; |
| if(total_mem < (SQUASHFS_LOWMEM / SQUASHFS_TAKE)) { |
| ERROR("%s: -mem should be %d Mbytes or " |
| -- |
| cgit v0.10.1 |
| |