@@ -269,20 +269,20 @@ - (void)setProtocolVersionString: (OFString *)string { void *pool = objc_autoreleasePoolPush(); OFArray *components = [string componentsSeparatedByString: @"."]; - intmax_t major, minor; + unsigned long long major, minor; of_http_request_protocol_version_t protocolVersion; if (components.count != 2) @throw [OFInvalidFormatException exception]; - major = [components.firstObject decimalValue]; - minor = [components.lastObject decimalValue]; + major = [components.firstObject unsignedLongLongValue]; + minor = [components.lastObject unsignedLongLongValue]; - if (major < 0 || major > UINT8_MAX || minor < 0 || minor > UINT8_MAX) + if (major > UINT8_MAX || minor > UINT8_MAX) @throw [OFOutOfRangeException exception]; protocolVersion.major = (uint8_t)major; protocolVersion.minor = (uint8_t)minor; @@ -304,11 +304,11 @@ } - (OFString *)stringWithEncoding: (of_string_encoding_t)encoding { void *pool = objc_autoreleasePoolPush(); - OFString *contentType, *contentLength, *ret; + OFString *contentType, *contentLengthString, *ret; OFData *data; if (encoding == OF_STRING_ENCODING_AUTODETECT && (contentType = [_headers objectForKey: @"Content-Type"]) != nil) encoding = encodingForContentType(contentType); @@ -316,13 +316,21 @@ if (encoding == OF_STRING_ENCODING_AUTODETECT) encoding = OF_STRING_ENCODING_UTF_8; data = [self readDataUntilEndOfStream]; - if ((contentLength = [_headers objectForKey: @"Content-Length"]) != nil) - if (data.count != (size_t)contentLength.decimalValue) + contentLengthString = [_headers objectForKey: @"Content-Length"]; + if (contentLengthString != nil) { + unsigned long long contentLength = + contentLengthString.unsignedLongLongValue; + + if (contentLength > SIZE_MAX) + @throw [OFOutOfRangeException exception]; + + if (data.count != (size_t)contentLength) @throw [OFTruncatedDataException exception]; + } ret = [[OFString alloc] initWithCString: (char *)data.items encoding: encoding length: data.count];