File curl-CVE-2016-8617.patch of Package curl

From 32ae8ba41b5dbf26dabe884ac4aa12597d1d96b9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 28 Sep 2016 00:05:12 +0200
Subject: [PATCH] base64: check for integer overflow on large input

---
 lib/base64.c | 5 +++++
 1 file changed, 5 insertions(+)

Index: curl-7.37.0/lib/base64.c
===================================================================
--- curl-7.37.0.orig/lib/base64.c	2014-04-25 14:01:03.000000000 +0200
+++ curl-7.37.0/lib/base64.c	2016-10-20 15:05:39.902762057 +0200
@@ -205,6 +205,11 @@ CURLcode Curl_base64_encode(struct Sessi
   if(0 == insize)
     insize = strlen(indata);
 
+#if SIZEOF_SIZE_T == 4
+  if(insize > UINT_MAX/4)
+    return CURLE_OUT_OF_MEMORY;
+#endif
+
   base64data = output = malloc(insize*4/3+4);
   if(NULL == output)
     return CURLE_OUT_OF_MEMORY;