From 83ce236dab867842cdba88a57db50aae0fd9a4ce Mon Sep 17 00:00:00 2001
From: Alexander Couzens
Date: Sun, 11 Jun 2017 13:01:06 +0200
Subject: [PATCH] uclient-fetch: read_data_cb: fix a potential buffer overflow
When a backend->read() is not implement or returns -1, This -1 is interpreted as unsigned int resulting in an access far behind the buffer.
Signed-off-by: Alexander Couzens
---
 uclient-fetch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/uclient-fetch.c b/uclient-fetch.c
index d9582f5..dff144b 100644
--- uclient-fetch.c
+++ uclient-fetch.c
@@ -262,7 +262,7 @@ static void read_data_cb(struct uclient *cl)
 while (1) {
 len = uclient_read(cl, buf, sizeof(buf));
- if (!len)
+ if (len <= 0)
 return;
 out_bytes += len;
--
2.25.1
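Review bot: The new `if (len <= 0)` guard in read_data_cb treats a failed read exactly like end of data, so the -1 case named in the commit message now ends the callback silently, with no diagnostic and no error state that a caller could act on. The guard also only helps if `len` is a signed type; its declaration is outside the hunk and should be confirmed, because with an unsigned `len` the comparison reduces to `len == 0` and the -1 would still reach `out_bytes += len` and any later use of `len` as a size. Consider separating the two cases, `if (len < 0) { /* report read error */ return; }` followed by `if (!len) return;`, and documenting the contract with a comment such as `/* uclient_read() may return -1 (no backend read() or read failure); never use a negative len as a size */`. The body of read_data_cb starts and ends outside the hunk, so how `buf` and `len` are consumed after this check cannot be verified from here.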