summaryrefslogtreecommitdiff
path: root/xmalloc.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2006-03-26 14:22:47 +1100
committerDamien Miller <djm@mindrot.org>2006-03-26 14:22:47 +1100
commit36812092ecb11a25ca9d6d87fdeaf53e371c5043 (patch)
tree257ccc18998146f7f6e6c25cbb0ff9bd6de946a5 /xmalloc.c
parent07d86bec5eeaf19fe33dca99c8ebcbe9a77c3938 (diff)
- djm@cvs.openbsd.org 2006/03/25 01:13:23
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] [uidswap.c] change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@
Diffstat (limited to 'xmalloc.c')
-rw-r--r--xmalloc.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/xmalloc.c b/xmalloc.c
index 6d56781d..d5d7b6bc 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -35,7 +35,7 @@ xcalloc(size_t nmemb, size_t size)
{
void *ptr;
- if (nmemb && size && SIZE_T_MAX / nmemb < size)
+ if (nmemb && size && SIZE_T_MAX / nmemb < size)
fatal("xcalloc: nmemb * size > SIZE_T_MAX");
if (size == 0 || nmemb == 0)
fatal("xcalloc: zero size");
@@ -47,10 +47,13 @@ xcalloc(size_t nmemb, size_t size)
}
void *
-xrealloc(void *ptr, size_t new_size)
+xrealloc(void *ptr, size_t nmemb, size_t size)
{
void *new_ptr;
+ size_t new_size = nmemb * size;
+ if (nmemb && size && SIZE_T_MAX / nmemb < size)
+ fatal("xrealloc: nmemb * size > SIZE_T_MAX");
if (new_size == 0)
fatal("xrealloc: zero size");
if (ptr == NULL)
@@ -58,7 +61,8 @@ xrealloc(void *ptr, size_t new_size)
else
new_ptr = realloc(ptr, new_size);
if (new_ptr == NULL)
- fatal("xrealloc: out of memory (new_size %lu bytes)", (u_long) new_size);
+ fatal("xrealloc: out of memory (new_size %lu bytes)",
+ (u_long) new_size);
return new_ptr;
}