diff options
| author |   doug <doug@openbsd.org> | 2014-10-11 04:00:56 +0000 |
|---|---|---|
| committer | doug <doug@openbsd.org> | 2014-10-11 04:00:56 +0000 |
| commit | 68db792b8ae85254b8fa5ae610934969e6c7b232 (patch) | |
| tree | 6457e0402d339a32142fafa70460c454b49171d4 | |
| parent | Userland reallocarray() audit. (diff) | |
| download | wireguard-openbsd-68db792b8ae85254b8fa5ae610934969e6c7b232.tar.xz wireguard-openbsd-68db792b8ae85254b8fa5ae610934969e6c7b232.zip | |
Userland reallocarray() audit.
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
| -rw-r--r-- | games/fortune/strfile/strfile.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/games/fortune/strfile/strfile.c b/games/fortune/strfile/strfile.c index b1cd9a5e59d..1dc5f4546c0 100644 --- a/games/fortune/strfile/strfile.c +++ b/games/fortune/strfile/strfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: strfile.c,v 1.19 2013/08/29 20:22:12 naddy Exp $ */ +/* $OpenBSD: strfile.c,v 1.20 2014/10/11 04:00:56 doug Exp $ */ /* $NetBSD: strfile.c,v 1.4 1995/04/24 12:23:09 cgd Exp $ */ /*- @@ -76,7 +76,9 @@ if (ptr == NULL) \ ptr = calloc(CHUNKSIZE, sizeof *ptr); \ else if (((sz) + 1) % CHUNKSIZE == 0) \ - ptr = realloc((void *) ptr, ((sz) + CHUNKSIZE) * sizeof *ptr); \ + ptr = reallocarray(ptr, \ + (sz) + CHUNKSIZE, \ + sizeof(*ptr)); \ if (ptr == NULL) \ err(1, NULL); \ } while (0) |