openssl: fix potential size overflow when writing data

Our `openssl_write` function calls `SSL_write` by passing in both `data` and `len` arguments directly. Thing is, our `len` parameter is of type `size_t` and theirs is of type `int`. We thus need to clamp our length to be at most `INT_MAX`.

openssl: fix potential size overflow when writing data
Our `openssl_write` function calls `SSL_write` by passing in both `data` and `len` arguments directly. Thing is, our `len` parameter is of type `size_t` and theirs is of type `int`. We thus need to clamp our length to be at most `INT_MAX`.
657197e6 · Patrick Steinhardt · Edward Thomson · 7613086d · 657197e6
Commit 657197e6 authored Jan 23, 2019 by Patrick Steinhardt Committed by Edward Thomson Jan 31, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 1 additions and 2 deletions

src/streams/openssl.c
+1 -2

No files found.
--- a/src/streams/openssl.c
+++ b/src/streams/openssl.c
@@ -649,9 +649,8 @@ static ssize_t openssl_write(git_stream *stream, const char *data, size_t data_l

 	GIT_UNUSED(flags);

-	if ((ret = SSL_write(st->ssl, data, len)) <= 0) {
+	if ((ret = SSL_write(st->ssl, data, len)) <= 0)
 		return ssl_set_error(st->ssl, ret);
-	}

 	return ret;
 }