Error: INTEGER_OVERFLOW (CWE-190):
tdb-1.4.10/pytdb.c:401: cast_overflow: Truncation due to cast operation on "num_values" from 64 to 32 bits.
tdb-1.4.10/pytdb.c:401: overflow_sink: "num_values", which might have overflowed, is passed to "tdb_storev(self->ctx, key, values, num_values, flag)".
399| }
400|
401|-> ret = tdb_storev(self->ctx, key, values, num_values, flag);
402| free(values);
403| PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
PyErr_SetFromErrno(PyExc_OverflowError);
return NULL;
}
+ if (num_values > INT_MAX) {
+ PyErr_SetFromErrno(PyExc_OverflowError);
+ return NULL;
+ }
values = malloc(sizeof(TDB_DATA) * num_values);
if (values == NULL) {
PyErr_NoMemory();
values[i] = value;
}
- ret = tdb_storev(self->ctx, key, values, num_values, flag);
+ ret = tdb_storev(self->ctx, key, values, (int)num_values, flag);
free(values);
PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
Py_RETURN_NONE;