[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 249/254: urlglob: fix division by zero
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 249/254: urlglob: fix division by zero |
|
Date: |
Sat, 17 Jun 2017 16:54:41 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.1
in repository gnurl.
commit 5fa028e508056e3569beb5698e3f52e45fea94da
Author: Daniel Stenberg <address@hidden>
AuthorDate: Sat Jun 10 14:35:07 2017 +0200
urlglob: fix division by zero
The multiply() function that is used to avoid integer overflows, was
itself reason for a possible division by zero error when passed a
specially formatted glob.
Reported-by: GwanYeong Kim
---
src/tool_urlglob.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index d002f276d..6b1ece008 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <address@hidden>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <address@hidden>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -66,6 +66,10 @@ static CURLcode glob_fixed(URLGlob *glob, char *fixed,
size_t len)
static int multiply(unsigned long *amount, long with)
{
unsigned long sum = *amount * with;
+ if(!with) {
+ *amount = 0;
+ return 0;
+ }
if(sum/with != *amount)
return 1; /* didn't fit, bail out */
*amount = sum;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 234/254: metalink: remove unused printf() argument, (continued)
- [GNUnet-SVN] [gnurl] 234/254: metalink: remove unused printf() argument, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 153/254: tests: stabilize test 1034, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 238/254: asyn-ares: s/Curl_expire_latest/Curl_expire, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 235/254: file: make speedcheck use current time for checks, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 156/254: cmake: add CURL_CA_BUNDLE/CURL_CA_FALLBACK/CURL_CA_PATH options, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 183/254: docs: clarify NO_PROXY further, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 237/254: expire: remove Curl_expire_latest(), gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 200/254: typecheck-gcc.h: separate getinfo slist checks from other pointers, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 218/254: libtest: fix int-in-bool-context warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 244/254: RELEASE-PROCEDURE: updated future release dates, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 249/254: urlglob: fix division by zero,
gnunet <=
- [GNUnet-SVN] [gnurl] 175/254: opts: more examples added in option man pages, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 251/254: libressl: OCSP and intermediate certs workaround no longer needed, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 80/254: typecheck-gcc: add support for CURLINFO_SOCKET, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 104/254: tftp: silence bad-function-cast warning, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 107/254: sendrecv: fix MinGW-w64 warning, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 152/254: ssh: ignore timeouts during disconnect, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 211/254: dedotdot: fixed output for ".." and "." only input, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 206/254: curl_endian: remove unused functions, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 169/254: examples: fix Wimplicit-fallthrough warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 158/254: cmake: remove CURL_CA_BUNDLE from cmake TODO, gnunet, 2017/06/17