From f5b8d017dffa3d0dd8b0ee803a999e97acf489ff Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Tue, 23 Oct 2012 04:32:55 -0700 Subject: [PATCH] fix Windows mdb_env_copy(), WriteFile overflow --- libraries/libmdb/mdb.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/libraries/libmdb/mdb.c b/libraries/libmdb/mdb.c index 7d89ec3..92362a3 100644 --- a/libraries/libmdb/mdb.c +++ b/libraries/libmdb/mdb.c @@ -3431,10 +3431,17 @@ mdb_env_copy(MDB_env *env, const char *path) ptr = env->me_map + wsize; wsize = txn->mt_next_pgno * env->me_psize - wsize; #ifdef _WIN32 - { - DWORD len; - rc = WriteFile(newfd, ptr, wsize, &len, NULL); - rc = (len == wsize) ? MDB_SUCCESS : ErrCode(); +#define MAX_UINT32 4294967295U + while (wsize > 0) { + DWORD len, w2; + if (wsize > MAX_UINT32) + w2 = MAX_UINT32 - env->me_psize + 1; /* write in pagesize chunks */ + else + w2 = wsize; + rc = WriteFile(newfd, ptr, w2, &len, NULL); + rc = (len == w2) ? MDB_SUCCESS : ErrCode(); + if (rc) break; + wsize -= w2; } #else rc = write(newfd, ptr, wsize);