diff options
author | cperciva <cperciva@FreeBSD.org> | 2004-11-18 12:01:30 +0000 |
---|---|---|
committer | cperciva <cperciva@FreeBSD.org> | 2004-11-18 12:01:30 +0000 |
commit | b2b632794ac25b34bf1d108043d053c8cc5012fc (patch) | |
tree | fb1961c09902c6c30aca40f5c6c80b24d92ffce6 /usr.bin/fetch/fetch.c | |
parent | 47da99e1adb67b9e44c45ebcf484d80ecd234e0f (diff) | |
download | FreeBSD-src-b2b632794ac25b34bf1d108043d053c8cc5012fc.zip FreeBSD-src-b2b632794ac25b34bf1d108043d053c8cc5012fc.tar.gz |
Fix buffer overflow. This is FreeBSD-SA-04:16.fetch.
Approved by: des
Diffstat (limited to 'usr.bin/fetch/fetch.c')
-rw-r--r-- | usr.bin/fetch/fetch.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c index ffcbc43..2834e0b5 100644 --- a/usr.bin/fetch/fetch.c +++ b/usr.bin/fetch/fetch.c @@ -584,7 +584,8 @@ fetch(char *URL, const char *path) /* suck in the data */ signal(SIGINFO, sig_handler); while (!sigint) { - if (us.size != -1 && us.size - count < B_size) + if (us.size != -1 && us.size - count < B_size && + us.size - count >= 0) size = us.size - count; else size = B_size; |