strtoofft: reduce integer overflow risks globally

... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
author: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:23 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2017-08-14 23:33:41 +0200
commit: ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree: 6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/http_chunks.c
parent: b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/http_chunks.c b/lib/http_chunks.c
index 1bdf6974c..fce00c21e 100644
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -158,9 +158,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
           return CHUNKE_ILLEGAL_HEX;
         }
 
-        ch->datasize=curlx_strtoofft(ch->hexbuffer, &endptr, 16);
-        if((ch->datasize == CURL_OFF_T_MAX) && (errno == ERANGE))
-          /* overflow is an error */
+        if(curlx_strtoofft(ch->hexbuffer, &endptr, 16, &ch->datasize))
           return CHUNKE_ILLEGAL_HEX;
         ch->state = CHUNK_LF; /* now wait for the CRLF */
       }
author	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:23 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2017-08-14 23:33:41 +0200
commit	ff50fe0348466cae1a9f9f759b362c03f7060c34 (patch)
tree	6a5a6efbe7bd7b00e49982e09a5da8f8341de28c /lib/http_chunks.c
parent	b53b4e44241415c0a7ad857c72ec323109d2a7c0 (diff)