authorPaul Eggert <eggert@cs.ucla.edu>2021-04-21 11:07:18 -0700
committerPaul Eggert <eggert@cs.ucla.edu>2021-04-21 11:10:49 -0700
commit7e605302f7ce70184af6a21de546da8b604f9c76 (patch)
tree77a72e29877ec98fa0b34f8a9765298e46bfa082
parent87e2ea351c7e754cc3df8f6c9c519aa9fd1559e2 (diff)
downloadgnulib-7e605302f7ce70184af6a21de546da8b604f9c76.tar.gz
gnulib-7e605302f7ce70184af6a21de546da8b604f9c76.tar.bz2
malloca: avoid ptrdiff_t overflow
* lib/malloca.c: Include idx.h, intprops.h. (mmalloca): Check for ptrdiff_t overflow. Since this module uses _GL_USE_STDLIB_ALLOC, it cannot assume GNU malloc semantics. * modules/malloca (Depends-on): Add idx, intprops.
-rw-r--r--ChangeLog6
-rw-r--r--lib/malloca.c8
-rw-r--r--modules/malloca2
3 files changed, 13 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 1e6cbd07f2..e72362077e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2021-04-21 Paul Eggert <eggert@cs.ucla.edu>
+ malloca: avoid ptrdiff_t overflow
+ * lib/malloca.c: Include idx.h, intprops.h.
+ (mmalloca): Check for ptrdiff_t overflow. Since this module uses
+ _GL_USE_STDLIB_ALLOC, it cannot assume GNU malloc semantics.
+ * modules/malloca (Depends-on): Add idx, intprops.
+
careadlinkat: avoid ptrdiff_t overflow
* lib/careadlinkat.c: Include idx.h, minmax.h.
(readlink_stk): Avoid ptrdiff_t overflow in object allocation.
diff --git a/lib/malloca.c b/lib/malloca.c
index f4ee1563b7..4077bf7087 100644
--- a/lib/malloca.c
+++ b/lib/malloca.c
@@ -21,6 +21,8 @@
/* Specification. */
#include "malloca.h"
+#include "idx.h"
+#include "intprops.h"
#include "verify.h"
/* The speed critical point in this file is freea() applied to an alloca()
@@ -45,9 +47,9 @@ mmalloca (size_t n)
#if HAVE_ALLOCA
/* Allocate one more word, used to determine the address to pass to freea(),
and room for the alignment ≡ sa_alignment_max mod 2*sa_alignment_max. */
- size_t nplus = n + sizeof (small_t) + 2 * sa_alignment_max - 1;
-
- if (nplus >= n)
+ int plus = sizeof (small_t) + 2 * sa_alignment_max - 1;
+ idx_t nplus;
+ if (!INT_ADD_WRAPV (n, plus, &nplus) && !xalloc_oversized (nplus, 1))
{
char *mem = (char *) malloc (nplus);
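Review bot: The reason for the explicit size check in mmalloca is recorded only in the commit message (the module uses _GL_USE_STDLIB_ALLOC, so it cannot assume malloc itself refuses requests above PTRDIFF_MAX), while the comment above `int plus = ...` still describes only the extra word and the alignment padding. I would add a short comment before the `if`, for example `/* malloc may be the system one here, so reject sizes that do not fit in idx_t ourselves.  */`, so the guard is not later removed as redundant. It would also help to say why `xalloc_oversized (nplus, 1)` is kept once `INT_ADD_WRAPV` has confirmed the sum fits in `idx_t`; presumably it covers platforms where SIZE_MAX is smaller than PTRDIFF_MAX, but the hunk does not show that. The function body continues past the end of the hunk, so what the rejected-size path returns, and whether it sets errno, is not visible here.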
diff --git a/modules/malloca b/modules/malloca
index 9b7a3dbd25..346d33251a 100644
--- a/modules/malloca
+++ b/modules/malloca
@@ -9,6 +9,8 @@ m4/eealloc.m4
Depends-on:
alloca-opt
+idx
+intprops
stdint
verify
xalloc-oversized
