authorChristian Grothoff <christian@grothoff.org>2020-04-09 15:49:29 +0200
committerChristian Grothoff <christian@grothoff.org>2020-04-09 15:49:38 +0200
commitdccb300b76fbf35ced3bb6b8becbfc2ba98407cc (patch)
treebf9c6875a8dd433ed6a488302fb00d92ae2bc5aa /src/bank-lib/bank_api_transfer.c
parent2844a9a7b3d8a81a2f3dda182bdee514b205d977 (diff)
enforce proper URL limit (#6172)
Diffstat (limited to 'src/bank-lib/bank_api_transfer.c')
-rw-r--r--src/bank-lib/bank_api_transfer.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/bank-lib/bank_api_transfer.c b/src/bank-lib/bank_api_transfer.c
index 0cf59602e..5ec747605 100644
--- a/src/bank-lib/bank_api_transfer.c
+++ b/src/bank-lib/bank_api_transfer.c
@@ -91,8 +91,9 @@ TALER_BANK_prepare_transfer (
size_t u_len = strlen (exchange_base_url) + 1;
char *end;
- if ( (d_len > (size_t) UINT32_MAX) ||
- (u_len > (size_t) UINT32_MAX) )
+ if ( (d_len >= (size_t) GNUNET_MAX_MALLOC_CHECKED) ||
+ (u_len >= (size_t) GNUNET_MAX_MALLOC_CHECKED) ||
+ (d_len + u_len + sizeof (*wp) >= GNUNET_MAX_MALLOC_CHECKED) )
{
GNUNET_break (0); /* that's some long URL... */
*buf = NULL;
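Review bot: The third comparison in the new `if` is only wrap-safe because the two per-length comparisons come first and short-circuit, and nothing in the hunk says so. A later reorder or removal of those two would let `d_len + u_len + sizeof (*wp)` wrap on a platform with a narrow `size_t` and slip under the limit. I would add a comment above the condition such as `/* per-length checks first: they bound d_len and u_len so the sum below cannot wrap */`. The sum also lacks the `(size_t)` cast used on the other two comparisons, which is harmless for a positive constant but inconsistent. The allocation this guards lies outside the hunk, so it is worth confirming that the size passed there is the same `d_len + u_len + sizeof (*wp)` expression.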