libgsf r958 - in trunk: . gsf

From: mortenw svn gnome org
To: svn-commits-list gnome org
Subject: libgsf r958 - in trunk: . gsf
Date: Fri, 8 Feb 2008 00:31:25 +0000 (GMT)

Author: mortenw
Date: Fri Feb  8 00:31:25 2008
New Revision: 958
URL: http://svn.gnome.org/viewvc/libgsf?rev=958&view=rev

Log:
Handle overflow in block computation.



Modified:
   trunk/ChangeLog
   trunk/gsf/gsf-infile-msole.c

Modified: trunk/gsf/gsf-infile-msole.c
==============================================================================
--- trunk/gsf/gsf-infile-msole.c	(original)
+++ trunk/gsf/gsf-infile-msole.c	Fri Feb  8 00:31:25 2008
@@ -309,8 +309,9 @@
 	if (entry >= DIRENT_MAGIC_END)
 		return NULL;
 
-	block = OLE_BIG_BLOCK (entry * DIRENT_SIZE, ole);
+	g_return_val_if_fail (entry <= G_MAXUINT / DIRENT_SIZE, NULL);
 
+	block = OLE_BIG_BLOCK (entry * DIRENT_SIZE, ole);
 	g_return_val_if_fail (block < ole->bat.num_blocks, NULL);
 
 	g_return_val_if_fail (!seen_before[entry], NULL);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]