From 08616e9a96b6e159c23fb477e927327bea0ea156 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Tue, 30 Jul 2002 00:11:07 +0000
Subject: [PATCH] return failure if integer overflow happens.  sigh; too people
 had to help get this right.

---
 src/lib/libc/stdlib/calloc.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/lib/libc/stdlib/calloc.c b/src/lib/libc/stdlib/calloc.c
index e79d71f9..c53b22b4 100644
--- a/src/lib/libc/stdlib/calloc.c
+++ b/src/lib/libc/stdlib/calloc.c
@@ -32,11 +32,13 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: calloc.c,v 1.5 1999/11/10 20:12:31 millert Exp $";
+static char *rcsid = "$OpenBSD: calloc.c,v 1.6 2002/07/30 00:11:07 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
+#include <errno.h>
 
 void *
 calloc(num, size)
@@ -45,6 +47,10 @@ calloc(num, size)
 {
 	register void *p;
 
+	if (SIZE_T_MAX / num < size) {
+		errno = ENOMEM;
+		return NULL;
+	}
 	size *= num;
 	p = malloc(size);
 	if (p)