raise error if a TLS struct does not fit

commit: 163effd7afad94f01a0c1ffc944b9af0e33bce95 [log] [tgz]
author: Kazuho Oku <kazuhooku@gmail.com> Wed Dec 13 13:20:28 2023 +0900
committer: Kazuho Oku <kazuhooku@gmail.com> Wed Dec 13 13:34:39 2023 +0900
tree: 9a927133a00fbffd550d504a4db1623f9d01596f
parent: df13092f6c5c2f08c5227e096a1590603229dfc8 [diff]
diff --git a/include/picotls.h b/include/picotls.h
index e0c3908..98dbe13 100644
--- a/include/picotls.h
+++ b/include/picotls.h

@@ -248,6 +248,7 @@
 #define PTLS_ERROR_REJECT_EARLY_DATA (PTLS_ERROR_CLASS_INTERNAL + 9)
 #define PTLS_ERROR_DELEGATE (PTLS_ERROR_CLASS_INTERNAL + 10)
 #define PTLS_ERROR_ASYNC_OPERATION (PTLS_ERROR_CLASS_INTERNAL + 11)
+#define PTLS_ERROR_BLOCK_OVERFLOW (PTLS_ERROR_CLASS_INTERNAL + 12)
 
 #define PTLS_ERROR_INCORRECT_BASE64 (PTLS_ERROR_CLASS_INTERNAL + 50)
 #define PTLS_ERROR_PEM_LABEL_NOT_FOUND (PTLS_ERROR_CLASS_INTERNAL + 51)
@@ -1203,6 +1204,10 @@
         } while (0);                                                                                                               \
         size_t body_size = (buf)->off - body_start;                                                                                \
         if (capacity != -1) {                                                                                                      \
+            if (body_size >= (size_t)1 << (capacity * 8)) {                                                                        \
+                ret = PTLS_ERROR_BLOCK_OVERFLOW;                                                                                   \
+                goto Exit;                                                                                                         \
+            }                                                                                                                      \
             for (; capacity != 0; --capacity)                                                                                      \
                 (buf)->base[body_start - capacity] = (uint8_t)(body_size >> (8 * (capacity - 1)));                                 \
         } else {                                                                                                                   \
commit	163effd7afad94f01a0c1ffc944b9af0e33bce95	[log] [tgz]
author	Kazuho Oku <kazuhooku@gmail.com>	Wed Dec 13 13:20:28 2023 +0900
committer	Kazuho Oku <kazuhooku@gmail.com>	Wed Dec 13 13:34:39 2023 +0900
tree	9a927133a00fbffd550d504a4db1623f9d01596f
parent	df13092f6c5c2f08c5227e096a1590603229dfc8 [diff]