From 4495a6c2e0dcc07de5ed77f4b3effa0f6e951bfd Mon Sep 17 00:00:00 2001
From: psychon <psychon@726aef4b-f618-498e-8847-2d620e286838>
Date: Sun, 19 Jul 2009 19:51:53 +0000
Subject: [PATCH] Fix an integer overflow bug in the DCC code

The issue happened if off_t was a signed, 4 byte integer (x86). In this case
(off_t) 0xffffffff is -1 and a file size is always larger than -1 which
unconditionally caused the "File too large" error to trigger.

Thanks to [Deton8r] for reporting this bug and flakes for debugging it.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1568 726aef4b-f618-498e-8847-2d620e286838
---
 DCCSock.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/DCCSock.cpp b/DCCSock.cpp
index f8d0b3cb..d3ecfaf5 100644
--- a/DCCSock.cpp
+++ b/DCCSock.cpp
@@ -186,8 +186,8 @@ CFile* CDCCSock::OpenFile(bool bWrite) {
 
 		// The DCC specs only allow file transfers with files smaller
 		// than 4GiB (see ReadData()).
-		off_t uFileSize = m_pFile->GetSize();
-		if (uFileSize > (off_t) 0xffffffff) {
+		unsigned long long uFileSize = m_pFile->GetSize();
+		if (uFileSize > (unsigned long long) 0xffffffff) {
 			delete m_pFile;
 			m_pFile = NULL;
 			m_pUser->PutModule(m_sModuleName, "DCC -> [" + m_sRemoteNick + "] - File too large (>4 GiB) [" + m_sLocalFile + "]");