- * include it as well, then allocate the array of sizes. */
- sizes_size = sd->num_entries * sizeof(u64);
+ * include it as well, then allocate the array of sizes.
+ *
+ * Note: The total length of the security data must fit in a 32-bit
+ * integer, even though each security descriptor size is a 64-bit
+ * integer. This is stupid, and we need to be careful not to actually
+ * let the security descriptor sizes be over 0xffffffff. */
+ if ((u64)sd->total_length > metadata_resource_len) {
+ ERROR("Security data total length (%u) is bigger than the "
+ "metadata resource length (%"PRIu64")",
+ sd->total_length, metadata_resource_len);
+ ret = WIMLIB_ERR_INVALID_RESOURCE_SIZE;
+ goto out_free_sd;
+ }