From bf8c313f09d518464a5cb48da2ecb091ae7230c4 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Thu, 10 Dec 2015 18:06:06 +0000
Subject: tiny sanity check on file size

---
 src/lib/libc/stdlib/icdb.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib')

diff --git a/src/lib/libc/stdlib/icdb.c b/src/lib/libc/stdlib/icdb.c
index 16d5300ab3..e33a043795 100644
--- a/src/lib/libc/stdlib/icdb.c
+++ b/src/lib/libc/stdlib/icdb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: icdb.c,v 1.3 2015/11/25 15:49:50 guenther Exp $ */
+/* $OpenBSD: icdb.c,v 1.4 2015/12/10 18:06:06 tedu Exp $ */
 /*
  * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
  *
@@ -162,6 +162,8 @@ icdb_open(const char *name, int flags, uint32_t version)
 		return NULL;
 	if (fstat(fd, &sb) != 0)
 		goto fail;
+	if (sb.st_size < sizeof(struct icdbinfo))
+		goto fail;
 	ptr = mmap(NULL, sb.st_size, PROT_READ |
 	    ((flags & O_RDWR) ? PROT_WRITE : 0), MAP_SHARED, fd, 0);
 	if (ptr == MAP_FAILED)
-- 
cgit v1.2.3-55-g6feb