From 04023213ada5d817a649db7a12999e69b5ce008e Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Wed, 28 Aug 2024 09:39:18 +0000 Subject: sync ibuf_realloc() copy with libutil This pulls in an overflow check and the change from recallocarray() to realloc(). claudio tells me that we might soon get rid of this copy. ok claudio --- usr.sbin/rpki-client/io.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'usr.sbin/rpki-client') diff --git a/usr.sbin/rpki-client/io.c b/usr.sbin/rpki-client/io.c index 3d8b79deb43..ecadce69fe7 100644 --- a/usr.sbin/rpki-client/io.c +++ b/usr.sbin/rpki-client/io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: io.c,v 1.24 2023/12/12 15:54:18 claudio Exp $ */ +/* $OpenBSD: io.c,v 1.25 2024/08/28 09:39:17 tb Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -151,14 +151,15 @@ ibuf_realloc(struct ibuf *buf, size_t len) unsigned char *b; /* on static buffers max is eq size and so the following fails */ - if (buf->wpos + len > buf->max) { + if (len > SIZE_MAX - buf->wpos || buf->wpos + len > buf->max) { errno = ERANGE; return (-1); } - b = recallocarray(buf->buf, buf->size, buf->wpos + len, 1); + b = realloc(buf->buf, buf->wpos + len); if (b == NULL) return (-1); + memset(b + buf->size, 0, buf->wpos + len - buf->size); buf->buf = b; buf->size = buf->wpos + len; -- cgit v1.2.3