File 0100-check_length_sanity.patch of Package sblim-sfcb

Index: indCIMXMLExport.c
===================================================================
RCS file: /cvsroot/sblim/sfcb/indCIMXMLExport.c,v
retrieving revision 1.12
diff -u -p -r1.12 indCIMXMLExport.c
--- indCIMXMLExport.c	9 Oct 2008 19:18:18 -0000	1.12
+++ indCIMXMLExport.c	17 Oct 2008 20:16:40 -0000
@@ -130,7 +130,13 @@ static void initializeHeaders(CurlData *
 static size_t writeCb(void *ptr, size_t size, size_t nmemb, void *stream)
 {
     UtilStringBuffer *sb = (UtilStringBuffer*)stream;
-    int length = size * nmemb;
+    unsigned int length = 0;
+    unsigned long long calcLength = (unsigned long)size * nmemb;
+    if(calcLength > UINT_MAX) {
+        mlogf(M_ERROR, M_SHOW, "--- Cannot allocate for %d members of size $d\n", nmemb, size);
+        return 0;
+    }
+    length = calcLength & UINT_MAX;
     char c=((char*)ptr)[length];
     ((char*)ptr)[length]=0;
     sb->ft->appendChars(sb,(char*)ptr);