curl-library
Potential integer overflow with write callback
Date: Sat, 26 Mar 2011 21:37:26 -0400
Hi everyone,
My write callback function looks like this:
size_t writehttpcallback ( void *ptr, size_t size, size_t nmemb, void
*data)
{
size_t realsize = size*nmemb;
...
return realsize;
}
Now, size_t is guaranteed only to be at least 16 bits according to the
standard, which means that if realsize turns out to be more than 64
kilobytes, it might overflow. I'm assuming that it's not unheard of to
get 64 kilobytes in an HTTP transaction.
Does the library account for possible overflows? Or do I have to
detect them myself?
Richard
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-03-27