diff --git a/ChangeLog.adoc b/ChangeLog.adoc index 3e7fcd4cf..ecfb8cd65 100644 --- a/ChangeLog.adoc +++ b/ChangeLog.adoc @@ -20,6 +20,7 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes] Bug fixes:: + * core: fix integer overflow in function util_version_number * core: fix integer overflow in base32 encoding/decoding * core: fix integer overflow with decimal numbers in calculation of expression * core, plugins: fix integer overflow in loops (issue #2178) diff --git a/src/core/wee-util.c b/src/core/wee-util.c index e776246f0..15dff0614 100644 --- a/src/core/wee-util.c +++ b/src/core/wee-util.c @@ -469,7 +469,9 @@ util_version_number (const char *version) { if (number < 0) number = 0; - else if (number > 0xFF) + else if ((i == 0) && (number > 0x7F)) + number = 0x7F; + else if ((i > 0) && (number > 0xFF)) number = 0xFF; version_int[i] = number; } diff --git a/tests/unit/core/test-core-util.cpp b/tests/unit/core/test-core-util.cpp index 0e40fef67..81d33a43f 100644 --- a/tests/unit/core/test-core-util.cpp +++ b/tests/unit/core/test-core-util.cpp @@ -244,4 +244,9 @@ TEST(CoreUtil, VersionNumber) LONGS_EQUAL(0x01010100, util_version_number ("1.1.1")); LONGS_EQUAL(0x01010200, util_version_number ("1.1.2")); LONGS_EQUAL(0x01020304, util_version_number ("1.2.3.4")); + LONGS_EQUAL(0x7EFFFFFF, util_version_number ("126.255.255.255")); + LONGS_EQUAL(0x7FFFFFFF, util_version_number ("127.255.255.255")); + LONGS_EQUAL(0x7FFFFFFF, util_version_number ("128.255.255.255")); + LONGS_EQUAL(0x7FFFFFFF, util_version_number ("255.255.255.255")); + LONGS_EQUAL(0x7FFFFFFF, util_version_number ("999999999.999999999.999999999.999999999"));; }