
using reallocarray() gives us multiplicative integer overflow checking

in case something wants to create massive amounts of environment, like
a bit more than 1/4 of a 32-bit address space.  unrealistic -- but why
audit one code path, and not treat others the same?  then you have to
re-engage every time you see the code.  read the news, that isn't what
developers do.  At least if the code paths look the same, there is hope,
because they are easier to verify for correctness.  developers need
to give other developers a chance to want to care.
OPENBSD_5_7
deraadt 10 years ago
parent
commit
7aef1c5997
1 changed files with 3 additions and 3 deletions

src/lib/libc/stdlib/setenv.c

@ -1,4 +1,4 @@
/* $OpenBSD: setenv.c,v 1.14 2012/09/23 16:08:04 jeremy Exp $ */
/* $OpenBSD: setenv.c,v 1.15 2014/10/08 05:33:31 deraadt Exp $ */
/* /*
* Copyright (c) 1987 Regents of the University of California. * Copyright (c) 1987 Regents of the University of California.
* All rights reserved. * All rights reserved.
@ -71,7 +71,7 @@ putenv(char *str)
for (P = environ; *P != NULL; P++) for (P = environ; *P != NULL; P++)
; ;
cnt = P - environ; cnt = P - environ;
P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
P = reallocarray(lastenv, cnt + 2, sizeof(char *));
if (!P) if (!P)
return (-1); return (-1);
if (lastenv != environ) if (lastenv != environ)
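
Review bot: In the putenv() hunk, `cnt + 2` is still evaluated by the caller before reallocarray() sees it, so only the multiplication by sizeof(char *) is overflow-checked, not the addition or the earlier `cnt = P - environ` assignment. The declaration of cnt is not visible in this hunk; if it is a signed int, consider making it size_t, or add a one-line comment stating why the sum cannot wrap, so the next reader does not have to re-derive it.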
@ -129,7 +129,7 @@ setenv(const char *name, const char *value, int rewrite)
for (P = environ; *P != NULL; P++) for (P = environ; *P != NULL; P++)
; ;
cnt = P - environ; cnt = P - environ;
P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
P = reallocarray(lastenv, cnt + 2, sizeof(char *));
if (!P) if (!P)
return (-1); return (-1);
if (lastenv != environ) if (lastenv != environ)
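
Review bot: The grow sequence in this setenv() hunk (count loop, `cnt = P - environ`, the reallocarray() call, the `if (!P)` check and the `lastenv != environ` test) is line-for-line the same as the one in putenv() above. A small static helper shared by both functions would keep the two paths from drifting apart again and leave a single allocation site to audit, which is the goal the commit message states.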

