more stringent overflow checks - exchange - Base system with REST service to issue digital coins, run by the payment service provider

commit e8c8efe5ec093428a0af300931f9147732c91fa9
parent 1c1d4e1ad664472391e2774b4f5b844addccd25a
Author: Christian Grothoff <christian@grothoff.org>
Date:   Fri, 27 Mar 2020 13:32:16 +0100

more stringent overflow checks

Diffstat:
M src/bank-lib/bank_api_transfer.c  | 5 ++++-

1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/bank-lib/bank_api_transfer.c b/src/bank-lib/bank_api_transfer.c
@@ -284,7 +284,10 @@ TALER_BANK_transfer (
   }
   d_len = ntohl (wp->account_len);
   u_len = ntohl (wp->exchange_url_len);
-  if (sizeof (*wp) + d_len + u_len != buf_size)
+  if ( (sizeof (*wp) + d_len + u_len != buf_size) ||
+       (d_len > buf_size) ||
+       (u_len > buf_size) ||
+       (d_len + u_len > buf_size) )
   {
     GNUNET_break (0);
     return NULL;

	exchange Base system with REST service to issue digital coins, run by the payment service provider
	Log \| Files \| Refs \| Submodules \| README \| LICENSE