diff options
| author |   doug <doug@openbsd.org> | 2014-10-11 03:25:16 +0000 |
|---|---|---|
| committer | doug <doug@openbsd.org> | 2014-10-11 03:25:16 +0000 |
| commit | 25f350129e74d779c331fdec92535e248a92fc76 (patch) | |
| tree | 46f6332acbe6c23021cb66a7b4ad8605769925e8 /libexec/spamd/sdl.c | |
| parent | Userland reallocarray() audit. (diff) | |
| download | wireguard-openbsd-25f350129e74d779c331fdec92535e248a92fc76.tar.xz wireguard-openbsd-25f350129e74d779c331fdec92535e248a92fc76.zip | |
Userland reallocarray() audit.
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
Diffstat (limited to 'libexec/spamd/sdl.c')
| -rw-r--r-- | libexec/spamd/sdl.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/libexec/spamd/sdl.c b/libexec/spamd/sdl.c index 39edaadb402..40aac687cfa 100644 --- a/libexec/spamd/sdl.c +++ b/libexec/spamd/sdl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sdl.c,v 1.18 2007/11/03 19:16:07 beck Exp $ */ +/* $OpenBSD: sdl.c,v 1.19 2014/10/11 03:25:16 doug Exp $ */ /* * Copyright (c) 2003-2007 Bob Beck. All rights reserved. @@ -78,7 +78,7 @@ sdl_add(char *sdname, char *sdstring, char ** addrs, int addrc) if (idx == blu && blu == blc) { struct sdlist *tmp; - tmp = realloc(blacklists, (blc + 128) * + tmp = reallocarray(blacklists, blc + 128, sizeof(struct sdlist)); if (tmp == NULL) return (-1); @@ -242,8 +242,8 @@ sdl_lookup(struct sdlist *head, int af, void * src) if (matches == sdnewlen) { struct sdlist **tmp; - tmp = realloc(sdnew, - (sdnewlen + 128) * + tmp = reallocarray(sdnew, + sdnewlen + 128, sizeof(struct sdlist *)); if (tmp == NULL) /* |