ref: 235f71ba4767d4ab9a3e7706a3f77a7803e82cda
parent: c2304e9329802a06d43e7158d3e061e1b4c16069
author: cinap_lenrek <[email protected]>
date: Tue Jul 31 21:10:24 EDT 2012
cwfs: fix read offset integer overflow
--- a/sys/src/cmd/cwfs/9p1.c
+++ b/sys/src/cmd/cwfs/9p1.c
@@ -911,8 +911,9 @@
}
goto out;
}
-
- if(offset+count > d->size)
+ if(offset >= d->size)
+ count = 0;
+ else if(offset+count > d->size)
count = d->size - offset;
while(count > 0) { if(p == 0) {--- a/sys/src/cmd/cwfs/9p2.c
+++ b/sys/src/cmd/cwfs/9p2.c
@@ -1017,7 +1017,9 @@
accessdir(p, d, FREAD, file->uid);
if(d->mode & DDIR)
goto dread;
- if(offset+count > d->size)
+ if(offset >= d->size)
+ count = 0;
+ else if(offset+count > d->size)
count = d->size - offset;
while(count > 0){ if(p == nil){