From 3cdef2b892f2049fd8a4d8c5ad4baf0e28ea73c1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering <lennart@poettering.net> Date: Thu, 20 Sep 2012 17:53:03 +0200 Subject: [PATCH] util: fix overflow checks (cherry picked from commit aa408e7799cf01f048efedf434916544b4badc77) --- src/shared/util.c | 2 +- src/shared/util.h | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/shared/util.c b/src/shared/util.c index 9c189eb..6f2780a 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -1212,7 +1212,7 @@ char *strnappend(const char *s, const char *suffix, size_t b) { assert(suffix); a = strlen(s); - if ((size_t) -1 - a > b) + if (b > ((size_t) -1) - a) return NULL; r = new(char, a+b+1); diff --git a/src/shared/util.h b/src/shared/util.h index 86f899a..5459810 100644 --- a/src/shared/util.h +++ b/src/shared/util.h @@ -530,14 +530,14 @@ bool is_valid_documentation_url(const char *url); bool in_initrd(void); _malloc_ static inline void *malloc_multiply(size_t a, size_t b) { - if (_unlikely_(a > ((size_t) -1) / b)) + if (_unlikely_(b == 0 || a > ((size_t) -1) / b)) return NULL; return malloc(a * b); } _malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) { - if (_unlikely_(a > ((size_t) -1) / b)) + if (_unlikely_(b == 0 || a > ((size_t) -1) / b)) return NULL; return memdup(p, a * b);