Add integer overflow checks to kore_calloc - kore - Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.

commit f3fe5433585320e5313ffa3e9b804ace01a954a1
parent fd7f5470134676057bd997474ad8655976eb6005
Author: Joris Vink <joris@coders.se>
Date:   Wed, 23 Apr 2014 14:26:28 +0200

Add integer overflow checks to kore_calloc

Diffstat:
src/mem.c  | 11 +++++++++++

1 file changed, 11 insertions(+), 0 deletions(-)
diff --git a/src/mem.c b/src/mem.c
@@ -44,6 +44,9 @@ kore_malloc(size_t len)
 	u_int8_t		*addr;
 	u_int32_t		*plen;
 
+	if (len == 0)
+		fatal("kore_malloc(): zero size");
+
 	mlen = sizeof(u_int32_t) + len + sizeof(struct meminfo);
 	if ((ptr = malloc(mlen)) == NULL)
 		fatal("kore_malloc(%d): %d", len, errno);
@@ -68,6 +71,9 @@ kore_realloc(void *ptr, size_t len)
 	struct meminfo		*mem;
 	void			*nptr;
 
+	if (len == 0)
+		fatal("kore_realloc(): zero size");
+
 	if (ptr == NULL) {
 		nptr = kore_malloc(len);
 	} else {
@@ -86,6 +92,11 @@ kore_realloc(void *ptr, size_t len)
 void *
 kore_calloc(size_t memb, size_t len)
 {
+	if (memb == 0 || len == 0)
+		fatal("kore_calloc(): zero size");
+	if (SIZE_MAX / memb < len)
+		fatal("kore_calloc: memb * len > SIZE_MAX");
+
 	return (kore_malloc(memb * len));
 }

	kore Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
	Commits \| Files \| Refs \| README \| LICENSE \| git clone https://git.kore.io/kore.git