diff options
| author | Doug Hogan <doug@cvs.openbsd.org> | 2014-10-08 04:11:29 +0000 |
|---|---|---|
| committer | Doug Hogan <doug@cvs.openbsd.org> | 2014-10-08 04:11:29 +0000 |
| commit | 9be39b80d61237e184b8aca283cfd3a7afa5efd3 (patch) | |
| tree | 15ed7fdd6c9ae9ad13e0794f5767b4bcb5b9d99b | |
| parent | 943bd3702ccb622601eb6c5fdd3439b2fba96595 (diff) | |
userland reallocarray audit.
Replace malloc() and realloc() calls that may have integer overflow in the
multiplication of the size argument with reallocarray().
ok deraadt@
| -rw-r--r-- | usr.bin/systat/cache.c | 4 | ||||
| -rw-r--r-- | usr.bin/systat/if.c | 6 | ||||
| -rw-r--r-- | usr.bin/systat/netstat.c | 4 | ||||
| -rw-r--r-- | usr.bin/systat/pigs.c | 4 | ||||
| -rw-r--r-- | usr.bin/systat/pool.c | 4 | ||||
| -rw-r--r-- | usr.bin/systat/sensors.c | 4 | ||||
| -rw-r--r-- | usr.bin/tput/tput.c | 5 | ||||
| -rw-r--r-- | usr.bin/users/users.c | 6 |
8 files changed, 19 insertions, 18 deletions
diff --git a/usr.bin/systat/cache.c b/usr.bin/systat/cache.c index 5c9a2a89d6f..7f55e645a79 100644 --- a/usr.bin/systat/cache.c +++ b/usr.bin/systat/cache.c @@ -1,4 +1,4 @@ -/* $Id: cache.c,v 1.4 2011/11/29 10:17:52 dlg Exp $ */ +/* $Id: cache.c,v 1.5 2014/10/08 04:10:04 doug Exp $ */ /* * Copyright (c) 2001, 2007 Can Erkin Acar <canacar@openbsd.org> * @@ -68,7 +68,7 @@ cache_init(int max) if (max == 0) { sc_store = NULL; } else { - sc_store = malloc(max * sizeof(struct sc_ent)); + sc_store = reallocarray(NULL, max, sizeof(struct sc_ent)); if (sc_store == NULL) return (1); } diff --git a/usr.bin/systat/if.c b/usr.bin/systat/if.c index 975a513a4b7..9f83ad943b1 100644 --- a/usr.bin/systat/if.c +++ b/usr.bin/systat/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.21 2014/06/23 03:46:16 guenther Exp $ */ +/* $OpenBSD: if.c,v 1.22 2014/10/08 04:10:04 doug Exp $ */ /* * Copyright (c) 2004 Markus Friedl <markus@openbsd.org> * @@ -217,8 +217,8 @@ fetchifstat(void) !(ifm.ifm_addrs & RTA_IFP)) continue; if (ifm.ifm_index >= nifs) { - if ((newstats = realloc(ifstats, (ifm.ifm_index + 4) - * sizeof(struct ifstat))) == NULL) + if ((newstats = reallocarray(ifstats, ifm.ifm_index + 4, + sizeof(struct ifstat))) == NULL) continue; ifstats = newstats; for (; nifs < ifm.ifm_index + 4; nifs++) diff --git a/usr.bin/systat/netstat.c b/usr.bin/systat/netstat.c index ccf5db747d4..5ee94d3a701 100644 --- a/usr.bin/systat/netstat.c +++ b/usr.bin/systat/netstat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: netstat.c,v 1.40 2014/08/14 12:55:50 mpi Exp $ */ +/* $OpenBSD: netstat.c,v 1.41 2014/10/08 04:10:04 doug Exp $ */ /* $NetBSD: netstat.c,v 1.3 1995/06/18 23:53:07 cgd Exp $ */ /*- @@ -163,7 +163,7 @@ next_ns(void) size_t a = num_alloc + ADD_ALLOC; if (a < num_alloc) return NULL; - ni = realloc(netinfos, a * sizeof(*ni)); + ni = reallocarray(netinfos, a, sizeof(*ni)); if (ni == NULL) return NULL; netinfos = ni; diff --git a/usr.bin/systat/pigs.c b/usr.bin/systat/pigs.c index e4bf4532d39..57ef13a9038 100644 --- a/usr.bin/systat/pigs.c +++ b/usr.bin/systat/pigs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pigs.c,v 1.27 2014/09/15 19:08:21 miod Exp $ */ +/* $OpenBSD: pigs.c,v 1.28 2014/10/08 04:10:04 doug Exp $ */ /* $NetBSD: pigs.c,v 1.3 1995/04/29 05:54:50 cgd Exp $ */ /*- @@ -166,7 +166,7 @@ read_pg(void) if (nproc > onproc) { int *p; - p = realloc(pb_indices, (nproc + 1) * sizeof(int)); + p = reallocarray(pb_indices, nproc + 1, sizeof(int)); if (p == NULL) { error("Out of Memory!"); return 1; diff --git a/usr.bin/systat/pool.c b/usr.bin/systat/pool.c index 3db6c6cae3a..b4d3a24e04b 100644 --- a/usr.bin/systat/pool.c +++ b/usr.bin/systat/pool.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pool.c,v 1.8 2014/08/14 08:10:30 mpi Exp $ */ +/* $OpenBSD: pool.c,v 1.9 2014/10/08 04:10:04 doug Exp $ */ /* * Copyright (c) 2008 Can Erkin Acar <canacar@openbsd.org> * @@ -218,7 +218,7 @@ read_pool(void) } if (np > num_pools || pools == NULL) { - struct pool_info *p = realloc(pools, sizeof(*pools) * np); + struct pool_info *p = reallocarray(pools, np, sizeof(*pools)); if (p == NULL) { error("realloc: %s", strerror(errno)); return (-1); diff --git a/usr.bin/systat/sensors.c b/usr.bin/systat/sensors.c index 1f17b96a3c8..16861750462 100644 --- a/usr.bin/systat/sensors.c +++ b/usr.bin/systat/sensors.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sensors.c,v 1.28 2014/07/09 08:04:45 jasper Exp $ */ +/* $OpenBSD: sensors.c,v 1.29 2014/10/08 04:10:04 doug Exp $ */ /* * Copyright (c) 2007 Deanna Phillips <deanna@openbsd.org> @@ -102,7 +102,7 @@ next_sn(void) size_t a = num_alloc + ADD_ALLOC; if (a < num_alloc) return NULL; - s = realloc(sensors, a * sizeof(struct sensinfo)); + s = reallocarray(sensors, a, sizeof(struct sensinfo)); if (s == NULL) return NULL; sensors = s; diff --git a/usr.bin/tput/tput.c b/usr.bin/tput/tput.c index 9470469db0f..84bafe6e787 100644 --- a/usr.bin/tput/tput.c +++ b/usr.bin/tput/tput.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tput.c,v 1.19 2013/11/27 15:23:01 yasuoka Exp $ */ +/* $OpenBSD: tput.c,v 1.20 2014/10/08 04:10:47 doug Exp $ */ /* * Copyright (c) 1999 Todd C. Miller <Todd.Miller@courtesan.com> @@ -126,7 +126,8 @@ main(int argc, char *argv[]) /* grow av as needed */ if (argc + 1 >= n) { n += 64; - av = (char **)realloc(av, sizeof(char *) * n); + av = reallocarray(av, n, + sizeof(char *)); if (av == NULL) errx(1, "out of memory"); } diff --git a/usr.bin/users/users.c b/usr.bin/users/users.c index 206af35e1db..f10e336d023 100644 --- a/usr.bin/users/users.c +++ b/usr.bin/users/users.c @@ -1,4 +1,4 @@ -/* $OpenBSD: users.c,v 1.10 2013/11/15 22:20:04 millert Exp $ */ +/* $OpenBSD: users.c,v 1.11 2014/10/08 04:11:28 doug Exp $ */ /* $NetBSD: users.c,v 1.5 1994/12/20 15:58:19 jtc Exp $ */ /* @@ -74,8 +74,8 @@ main(int argc, char *argv[]) size_t newmax = nmax + 32; namebuf *newnames; - newnames = realloc(names, - sizeof(*names) * newmax); + newnames = reallocarray(names, newmax, + sizeof(*names)); if (newnames == NULL) { err(1, NULL); |