diff options
| author | mmcc <mmcc@cvs.openbsd.org> | 2015-10-17 13:27:56 +0000 |
|---|---|---|
| committer | mmcc <mmcc@cvs.openbsd.org> | 2015-10-17 13:27:56 +0000 |
| commit | 3864e93d334169d0078e91bc76624be4fb2974b7 (patch) | |
| tree | 9c6c3e98a4f9e0bc433e78dd7b7ff2e6cd36767f /bin | |
| parent | 7da86c80049dc38434093b979e6608ec5a46a982 (diff) | |
Copy alloc()'s overflow check to aresize().
Suggested by nicm@.
Diffstat (limited to 'bin')
| -rw-r--r-- | bin/ksh/alloc.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/bin/ksh/alloc.c b/bin/ksh/alloc.c index 21128454c68..841b5afe2cf 100644 --- a/bin/ksh/alloc.c +++ b/bin/ksh/alloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: alloc.c,v 1.10 2015/10/16 23:13:35 mmcc Exp $ */ +/* $OpenBSD: alloc.c,v 1.11 2015/10/17 13:27:55 mmcc Exp $ */ /* * Copyright (c) 2002 Marc Espie. * @@ -107,6 +107,10 @@ aresize(void *ptr, size_t size, Area *ap) if (ptr == NULL) return alloc(size, ap); + /* ensure that we don't overflow by allocating space for link */ + if (size > SIZE_MAX - sizeof(struct link)) + internal_errorf(1, "unable to allocate memory"); + l = P2L(ptr); lprev = l->prev; lnext = l->next; |