apply @nielsdos suggestion instead.

devnexen · devnexen · commit 0f6d3dc20d8b · 2025-01-26T15:38:50.000Z
to potentially protect against buffer overflow.
diff --git a/ext/sodium/libsodium.c b/ext/sodium/libsodium.c
@@ -1842,7 +1842,7 @@ PHP_FUNCTION(sodium_crypto_aead_aes256gcm_decrypt)
 		RETURN_THROWS();
 	}
 	msg_len = ciphertext_len;
-	if (msg_len == SIZE_MAX) {
+	if (msg_len >= ZSTR_MAX_LEN) {
 		zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
 		RETURN_THROWS();
 	}
@@ -1957,7 +1957,7 @@ PHP_FUNCTION(sodium_crypto_aead_aegis128l_decrypt)
 		RETURN_FALSE;
 	}
 	msg_len = ciphertext_len;
-	if (msg_len == SIZE_MAX) {
+	if (msg_len >= ZSTR_MAX_LEN) {
 		zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);
 		RETURN_THROWS();
 	}

Original file line number	Diff line number	Diff line change
`@@ -1842,7 +1842,7 @@ PHP_FUNCTION(sodium_crypto_aead_aes256gcm_decrypt)`
`1842`	`1842`	`RETURN_THROWS();`
`1843`	`1843`	`}`
`1844`	`1844`	`msg_len = ciphertext_len;`
`1845`		`- if (msg_len == SIZE_MAX) {`
	`1845`	`+ if (msg_len >= ZSTR_MAX_LEN) {`
`1846`	`1846`	`zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);`
`1847`	`1847`	`RETURN_THROWS();`
`1848`	`1848`	`}`
`@@ -1957,7 +1957,7 @@ PHP_FUNCTION(sodium_crypto_aead_aegis128l_decrypt)`
`1957`	`1957`	`RETURN_FALSE;`
`1958`	`1958`	`}`
`1959`	`1959`	`msg_len = ciphertext_len;`
`1960`		`- if (msg_len == SIZE_MAX) {`
	`1960`	`+ if (msg_len >= ZSTR_MAX_LEN) {`
`1961`	`1961`	`zend_throw_exception(sodium_exception_ce, "arithmetic overflow", 0);`
`1962`	`1962`	`RETURN_THROWS();`
`1963`	`1963`	`}`