@karalabe added a nice fuzzer. After running it a while, I hit the overflow which this PR fixes. The overflow can happen when the size-field of a blob of data, added to the itemheadersize, wraps around to 0.
This PR addresses it by doing the addition in uint64-space instead of uint32-space.
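The wrap-around described above, as an added example that is not code from this PR or the project: a length check on a size-prefixed blob done in uint32 space next to the same check done in uint64 space. The 4-byte big-endian header, the value of `itemHeaderSize`, and the function names are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"math"
)

// itemHeaderSize is an assumed value: a 4-byte big-endian size prefix.
const itemHeaderSize = 4

// blob builds a constructed item: the declared size, then payloadLen zero bytes.
func blob(declared uint32, payloadLen int) []byte {
	buf := make([]byte, itemHeaderSize+payloadLen)
	binary.BigEndian.PutUint32(buf, declared)
	return buf
}

// fitsWrapping does the addition in uint32 space, so size+header can wrap to 0.
func fitsWrapping(buf []byte) bool {
	if len(buf) < itemHeaderSize {
		return false
	}
	size := binary.BigEndian.Uint32(buf)
	return size+itemHeaderSize <= uint32(len(buf))
}

// fitsWidened does the same check with the addition in uint64 space.
func fitsWidened(buf []byte) bool {
	if len(buf) < itemHeaderSize {
		return false
	}
	size := binary.BigEndian.Uint32(buf)
	return uint64(size)+itemHeaderSize <= uint64(len(buf))
}

func main() {
	// Constructed input: declared size chosen so size+itemHeaderSize == 2^32.
	hostile := blob(math.MaxUint32-itemHeaderSize+1, 4)
	honest := blob(4, 4)
	fmt.Println("hostile:", fitsWrapping(hostile), fitsWidened(hostile))
	fmt.Println("honest: ", fitsWrapping(honest), fitsWidened(honest))
}
```

A fuzzer finds this quickly because any size field in the top `itemHeaderSize` values of the uint32 range makes the narrow sum small enough to pass the check.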