cve-2023-51714
authorDebian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
committerBenjamin Drung <bdrung@debian.org>
Thu, 29 Feb 2024 21:45:27 +0000 (21:45 +0000)
Gbp-Pq: Name cve-2023-51714.diff

src/network/access/http2/hpacktable.cpp

index 0b69ee86a9bc882af2576b4f2fd22d40126eaaca..f20ec92d4c5ab9ed02757b65ba9e4a1b943fa8f9 100644 (file)
@@ -26,8 +26,10 @@ HeaderSize entry_size(QByteArrayView name, QByteArrayView value)
     // for counting the number of references to the name and value would have
     // 32 octets of overhead."
 
-    const unsigned sum = unsigned(name.size() + value.size());
-    if (std::numeric_limits<unsigned>::max() - 32 < sum)
+    size_t sum;
+    if (qAddOverflow(size_t(name.size()), size_t(value.size()), &sum))
+        return HeaderSize();
+    if (sum > (std::numeric_limits<unsigned>::max() - 32))
         return HeaderSize();
     return HeaderSize(true, quint32(sum + 32));
 }
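Review bot: The upper bound in the second added check is written against `unsigned`, while the value is narrowed to `quint32` on the return line, so the safety of that cast depends on the two types having the same width. Tying the limit to the destination type makes this obvious: `if (sum > std::numeric_limits<quint32>::max() - 32)`. The two guards would also benefit from a one-line comment such as `// Reject if name+value wraps size_t, or if sum + 32 would not fit in quint32.`, since the removed code shows how easily the sum gets truncated before it is compared. The start of entry_size is outside this hunk, as are its callers, so it is worth confirming that every caller checks the failure result `HeaderSize()` before using the size.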