@@ -, +, @@
(CVE-2017-13090)
---
src/retr.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/src/retr.c
+++ a/src/retr.c
@@ -378,6 +378,12 @@ fd_read_body (const char *downloaded_filename, int fd, FILE *out, wgint toread,
remaining_chunk_size = strtol (line, &endl, 16);
xfree (line);
+ if (remaining_chunk_size < 0)
+ {
+ ret = -1;
+ break;
+ }
+
if (remaining_chunk_size == 0)
{
ret = 0;
--