mirror/lwip
1
0
Fork 0
mirror of https://github.com/lwip-tcpip/lwip.git synced 2024-09-28 23:00:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

httpc with LWIP_HTTPC_HAVE_FILE_IO: fix heap buffer overflow for long local filenames

Browse Source 
See bug #64940
This commit is contained in:
Simon Goldschmidt 2023-11-29 21:35:06 +01:00
parent 5e3268cf3e
commit ee1523630a
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/apps/http/http_client.c
View File

@ -734,12 +734,17 @@ httpc_fs_init(httpc_filestate_t **filestate_out, const char* local_file_name,
{ {
httpc_filestate_t *filestate; httpc_filestate_t *filestate;
size_t file_len, alloc_len; size_t file_len, alloc_len;
mem_size_t alloc_mem_size;
FILE *f; FILE *f;
file_len = strlen(local_file_name); file_len = strlen(local_file_name);
alloc_len = sizeof(httpc_filestate_t) + file_len + 1; alloc_len = sizeof(httpc_filestate_t) + file_len + 1;
alloc_mem_size = (mem_size_t)alloc_len;
filestate = (httpc_filestate_t *)mem_malloc((mem_size_t)alloc_len); if (alloc_mem_size < alloc_len) {
/* overflow */
return ERR_MEM;
}
filestate = (httpc_filestate_t *)mem_malloc(alloc_mem_size);
if (filestate == NULL) { if (filestate == NULL) {
return ERR_MEM; return ERR_MEM;
} }