CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2018/07/23 17:09:37
Modified files:
bin/dd : dd.c
Log message:
Don't cast malloc(3) size to u_int.
Large buffer sizes on 64-bit platforms cause the sum to wrap, leading
read(2) to fail later.
We check prior to this point that all buffer sizes are <= SSIZE_MAX.
SSIZE_MAX * 2 < SIZE_MAX on all platforms, so the addition here will
not overflow and cause a similar issue.
Discovered by tobias@ a while back.
ok deraadt millert tobias
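
The truncation the log message describes, as an added example that is not part of the commit and is not dd.c's own code: the function names and the sample sizes are hypothetical, and it assumes a platform where size_t is 64 bits and unsigned int is 32 bits.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#ifndef SSIZE_MAX                 /* fallback if <limits.h> hides it */
#define SSIZE_MAX (SIZE_MAX / 2)
#endif

/* Pre-fix pattern: the sum of two buffer sizes is narrowed to
 * unsigned int before it reaches malloc(3). */
static size_t
alloc_size_cast(size_t a, size_t b)
{
	return (unsigned int)(a + b);
}

/* Post-fix pattern: bound each size by SSIZE_MAX, then add in size_t.
 * Returns 0 and stores the sum, or -1 if a size is out of range. */
static int
alloc_size_checked(size_t a, size_t b, size_t *sum)
{
	if (a > (size_t)SSIZE_MAX || b > (size_t)SSIZE_MAX)
		return -1;
	*sum = a + b;	/* SSIZE_MAX * 2 < SIZE_MAX, so no wrap */
	return 0;
}

int
main(void)
{
	/* Constructed sizes: a 4 GiB block size plus a 512-byte one. */
	size_t big = (size_t)UINT_MAX + 1, small = 512, sum = 0;

	printf("needed:    %zu\n", big + small);
	printf("with cast: %zu\n", alloc_size_cast(big, small));
	if (alloc_size_checked(big, small, &sum) == 0)
		printf("checked:   %zu\n", sum);
	return 0;
}
```

With the cast, the size handed to the allocator is far smaller than the buffer the later I/O expects, which is the mismatch the commit removes.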
