This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.

From: Siddhesh Poyarekar <siddhesh dot poyarekar at gmail dot com>
To: Will Newton <will dot newton at linaro dot org>
Cc: GNU C Library <libc-alpha at sourceware dot org>, patches at linaro dot org
Date: Tue, 10 Sep 2013 19:04:31 +0530
Subject: Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.
Authentication-results: sourceware.org; auth=none
References: <522F1BA7 dot 7070102 at linaro dot org>

On 10 September 2013 18:46, Will Newton <will.newton@linaro.org> wrote:
> diff --git a/malloc/malloc.c b/malloc/malloc.c
> index 3148c5f..f7718a9 100644
> --- a/malloc/malloc.c
> +++ b/malloc/malloc.c
> @@ -3015,6 +3015,13 @@ __libc_memalign(size_t alignment, size_t bytes)
>    /* Otherwise, ensure that it is at least a minimum chunk size */
>    if (alignment <  MINSIZE) alignment = MINSIZE;
>
> +  /* Check for overflow.  */
> +  if (bytes > SIZE_MAX - alignment - MINSIZE)
> +    {
> +      __set_errno (ENOMEM);
> +      return 0;
> +    }
> +
>    arena_get(ar_ptr, bytes + alignment + MINSIZE);
>    if(!ar_ptr)
>      return 0;

Looks OK to me.

Siddhesh
-- 
http://siddhesh.in

Follow-Ups:
- Re: [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.
  - From: Will Newton

References:
- [PATCH v3] [BZ #15857] malloc: Check for integer overflow in memalign.
  - From: Will Newton

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]