On Sun, Jun 30, 2013 at 4:49 PM, Ben Hutchings <ben at decadent.org.uk> wrote: > Add checks that: > - Signature length does not exceed the file length (this was already > checked, but did not account for signature lengths greater than 2 GB) > - Database length is long enough for all structures we expect in it > - Array length calculations will not overflow > > To keep these checks simple, change the types of array length and index > variables to unsigned int (must be at least 32-bit, matching the file > format) and the types of byte-length variables to size_t. > > Alexandre Rebert <alexandre at cmu.edu> reported and provided a test case > for the signature length issue; the others I found by inspection. > > Signed-off-by: Ben Hutchings <ben at decadent.org.uk> Thanks! Can you resend and include linux-wireless as well for a wider review? Luis
