From f38dcfe4f19d8799761fdaa26471cbc1a7e4a656 Mon Sep 17 00:00:00 2001 From: marcsello Date: Sun, 8 Nov 2020 23:48:10 +0100 Subject: [PATCH] Added some comment about the overflow protection --- src/caff_tools.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/caff_tools.c b/src/caff_tools.c index 8cddc33..eeebbd5 100644 --- a/src/caff_tools.c +++ b/src/caff_tools.c @@ -152,9 +152,11 @@ uint8_t validate_caff_file(uint8_t *data, uint64_t data_len) { frame_counter++; uint64_t seek_by = frame_header->length + sizeof(caff_frame_header_t); if (seek_by > len_remaining) { + // Since we working with unsigned integers, this check here is explicitly needed + // So that the following subtraction won't cause integer overflow return CAFF_PARSE_LENGTH_ERROR; } - len_remaining -= seek_by; + len_remaining -= seek_by; // Overflow here is protected by the check above p += seek_by; }