diff options
| author |   doug <doug@openbsd.org> | 2014-10-11 03:58:11 +0000 |
|---|---|---|
| committer | doug <doug@openbsd.org> | 2014-10-11 03:58:11 +0000 |
| commit | d6ad5e9a6ead8327329ae06a2614576ac55b74e0 (patch) | |
| tree | a832f8af456d392321bfff135e4c482ea0f4a2ad | |
| parent | convert to use of reallocarray() (diff) | |
| download | wireguard-openbsd-d6ad5e9a6ead8327329ae06a2614576ac55b74e0.tar.xz wireguard-openbsd-d6ad5e9a6ead8327329ae06a2614576ac55b74e0.zip | |
Userland reallocarray() audit.
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
| -rw-r--r-- | games/boggle/boggle/bog.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/games/boggle/boggle/bog.c b/games/boggle/boggle/bog.c index 52a399c5291..13d489d3e7d 100644 --- a/games/boggle/boggle/bog.c +++ b/games/boggle/boggle/bog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bog.c,v 1.22 2013/08/18 16:32:24 guenther Exp $ */ +/* $OpenBSD: bog.c,v 1.23 2014/10/11 03:58:11 doug Exp $ */ /* $NetBSD: bog.c,v 1.5 1995/04/24 12:22:32 cgd Exp $ */ /*- @@ -327,8 +327,8 @@ playgame(void) if (npwords == maxpwords - 1) { maxpwords += MAXPWORDS; - pword = realloc(pword, - maxpwords * sizeof(char *)); + pword = reallocarray(pword, maxpwords, + sizeof(char *)); if (pword == NULL) { cleanup(); errx(1, "%s", strerror(ENOMEM)); @@ -555,7 +555,7 @@ checkdict(void) continue; if (nmwords == maxmwords - 1) { maxmwords += MAXMWORDS; - mword = realloc(mword, maxmwords * sizeof(char *)); + mword = reallocarray(mword, maxmwords, sizeof(char *)); if (mword == NULL) { cleanup(); errx(1, "%s", strerror(ENOMEM)); |