romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-06-18 12:55:38 +03:00
Code Issues Projects Releases Packages Wiki Activity

smb: integer overflow proof a size check

Browse source 
By using size_t for the vars instead of shorts.

Pointed out by Zeropath

Closes #22001
This commit is contained in:
Daniel Stenberg 2026-06-14 12:19:49 +02:00
parent f1b1919bd0
commit c4cb67692d
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/smb.c
View file

@ -1007,8 +1007,8 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
struct smb_request *req = Curl_meta_get(data, CURL_META_SMB_EASY);
struct smb_header *h;
enum smb_req_state next_state = SMB_DONE;
unsigned short len;
unsigned short off;
size_t len;
size_t off;
CURLcode result;
void *msg = NULL;
const struct smb_nt_create_response *smb_m;