summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-12-10 18:53:03 +0000
committerLennart Poettering <lennart@poettering.net>2013-12-10 18:53:56 +0000
commit98088803bb2a9f89b7bbc063123dda3343138f18 (patch)
treeedb1cb891fd460ac6df926e61f90ae9af75cc653 /src
parente77f18939b849e636591309ef2f400b6dd537b60 (diff)
util: check for overflow in greedy_realloc()
Diffstat (limited to 'src')
-rw-r--r--src/shared/util.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/shared/util.c b/src/shared/util.c
index 9c07392c59..1c35edfbb1 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -5792,12 +5792,18 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) {
size_t a;
void *q;
+ assert(p);
assert(allocated);
if (*allocated >= need)
return *p;
a = MAX(64u, need * 2);
+
+ /* check for overflows */
+ if (a < need)
+ return NULL;
+
q = realloc(*p, a);
if (!q)
return NULL;
@@ -5808,9 +5814,14 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) {
}
void* greedy_realloc0(void **p, size_t *allocated, size_t need) {
- size_t prev = *allocated;
+ size_t prev;
uint8_t *q;
+ assert(p);
+ assert(allocated);
+
+ prev = *allocated;
+
q = greedy_realloc(p, allocated, need);
if (!q)
return NULL;