projects / platform / upstream / rpm.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix: prevent segfault if malicious server sends 1 GB of data through ftpNLST.
[platform/upstream/rpm.git] / rpmio / rpmrpc.c
diff --git a/rpmio/rpmrpc.c b/rpmio/rpmrpc.c
index de21d88..9f3be35 100644 (file)
--- a/rpmio/rpmrpc.c
+++ b/rpmio/rpmrpc.c
@@ -903,6 +903,7 @@ static int ftpNLST(const char * url, ftpSysCall_t ftpSysCall,
        /* XXX FIXME: realloc ftpBuf if < ~128 chars remain */
        if ((ftpBufAlloced - bufLength) < (1024+80)) {
            ftpBufAlloced <<= 2;
+           assert(ftpBufAlloced < (8*1024*1024));
            ftpBuf = xrealloc(ftpBuf, ftpBufAlloced);
        }
        s = se = ftpBuf + bufLength;
Domain: SCM / Build;