From 3cdef2b892f2049fd8a4d8c5ad4baf0e28ea73c1 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 20 Sep 2012 17:53:03 +0200
Subject: [PATCH] util: fix overflow checks (cherry picked from commit
aa408e7799cf01f048efedf434916544b4badc77)
---
src/shared/util.c | 2 +-
src/shared/util.h | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/shared/util.c b/src/shared/util.c
index 9c189eb..6f2780a 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1212,7 +1212,7 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
assert(suffix);
a = strlen(s);
- if ((size_t) -1 - a > b)
+ if (b > ((size_t) -1) - a)
return NULL;
r = new(char, a+b+1);
diff --git a/src/shared/util.h b/src/shared/util.h
index 86f899a..5459810 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -530,14 +530,14 @@ bool is_valid_documentation_url(const char *url);
bool in_initrd(void);
_malloc_ static inline void *malloc_multiply(size_t a, size_t b) {
- if (_unlikely_(a > ((size_t) -1) / b))
+ if (_unlikely_(b == 0 || a > ((size_t) -1) / b))
return NULL;
return malloc(a * b);
}
_malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
- if (_unlikely_(a > ((size_t) -1) / b))
+ if (_unlikely_(b == 0 || a > ((size_t) -1) / b))
return NULL;
return memdup(p, a * b);
distrib
>
Fedora
>
17
>
i386
>
media
>
updates-src
>
by-pkgid
>
ab4b662b9827b6375ffd451bf4abd615
>
files
>
554
