diff options
| author |   mmcc <mmcc@openbsd.org> | 2015-10-16 23:13:35 +0000 |
|---|---|---|
| committer | mmcc <mmcc@openbsd.org> | 2015-10-16 23:13:35 +0000 |
| commit | a6a9e28a8a3e9da361bb3b2a76af547af5f63d3e (patch) | |
| tree | 5d4a5eb737838d2bc33f44759993c8a4db5d6cdf | |
| parent | use daemon(), jca had the same diff in his tree (diff) | |
| download | wireguard-openbsd-a6a9e28a8a3e9da361bb3b2a76af547af5f63d3e.tar.xz wireguard-openbsd-a6a9e28a8a3e9da361bb3b2a76af547af5f63d3e.zip | |
Move the overflow check to alloc() so that the link struct overhead can
never bite us.
Suggested by Theo Buehler, inspired by Bitrig's natano@.
ok tedu@
| -rw-r--r-- | bin/ksh/alloc.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/bin/ksh/alloc.c b/bin/ksh/alloc.c index 3a6b35a79a4..21128454c68 100644 --- a/bin/ksh/alloc.c +++ b/bin/ksh/alloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: alloc.c,v 1.9 2015/10/16 03:17:56 mmcc Exp $ */ +/* $OpenBSD: alloc.c,v 1.10 2015/10/16 23:13:35 mmcc Exp $ */ /* * Copyright (c) 2002 Marc Espie. * @@ -63,6 +63,10 @@ alloc(size_t size, Area *ap) { struct link *l; + /* ensure that we don't overflow by allocating space for link */ + if (size > SIZE_MAX - sizeof(struct link)) + internal_errorf(1, "unable to allocate memory"); + l = malloc(sizeof(struct link) + size); if (l == NULL) internal_errorf(1, "unable to allocate memory"); @@ -92,10 +96,6 @@ allocarray(size_t nmemb, size_t size, Area *ap) internal_errorf(1, "unable to allocate memory"); } - /* additional check because alloc() allocates space for link */ - if (nmemb * size > SIZE_MAX - sizeof(struct link)) - internal_errorf(1, "unable to allocate memory"); - return alloc(nmemb * size, ap); } |