virFileReadLimFD: Cast maxlen to size_t before adding

If the function is called with maxlen equal to `INT_MAX`, adding one will trigger a signed integer overflow. Signed-off-by: Tim Wiederhake <twiederh@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2025-02-02 18:05:20 +00:00 · 2021-07-22 10:30:21 +02:00 · 2021-07-22 10:30:21 +02:00 · 2ed93ed979
commit 2ed93ed979
parent 5873037c8e
1 changed files with 1 additions and 1 deletions
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@ -1422,7 +1422,7 @@ virFileReadLimFD(int fd, int maxlen, char **buf)
        errno = EINVAL;
        return -1;
    }
-    s = saferead_lim(fd, maxlen+1, &len);
+    s = saferead_lim(fd, (size_t) maxlen + 1, &len);
    if (s == NULL)
        return -1;
    if (len > maxlen || (int)len != len) {