[tor-commits] [tor/master] zlib: Turn UINT_MAX overrun into an error, not an assert.

Tue Apr 25 14:51:21 UTC 2017

commit 49a5b50b31b8305e63dea5db0cc0de1cb093ff4f
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Apr 25 09:55:38 2017 -0400

    zlib: Turn UINT_MAX overrun into an error, not an assert.
---
 src/common/compress_zlib.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/common/compress_zlib.c b/src/common/compress_zlib.c
index d8200d5..7e848d5 100644
--- a/src/common/compress_zlib.c
+++ b/src/common/compress_zlib.c
@@ -213,8 +213,11 @@ tor_zlib_compress_process(tor_zlib_compress_state_t *state,
 {
   int err;
   tor_assert(state != NULL);
-  tor_assert(*in_len <= UINT_MAX);
-  tor_assert(*out_len <= UINT_MAX);
+  if (*in_len > UINT_MAX ||
+      *out_len > UINT_MAX) {
+    return TOR_COMPRESS_ERROR;
+  }
+
   state->stream.next_in = (unsigned char*) *in;
   state->stream.avail_in = (unsigned int)*in_len;
   state->stream.next_out = (unsigned char*) *out;



