From bc0fd12880ed3c8bf6fc70ff9b18e7939549a2bd Mon Sep 17 00:00:00 2001 From: jason <> Date: Tue, 30 Jul 2002 14:51:20 +0000 Subject: [PATCH] Pull in patch from current: Fix (deraadt): return failure if integer overflow happens. sigh; too people had to help get this right. --- src/lib/libc/stdlib/calloc.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/lib/libc/stdlib/calloc.c b/src/lib/libc/stdlib/calloc.c index e79d71f9..d8b2f0dd 100644 --- a/src/lib/libc/stdlib/calloc.c +++ b/src/lib/libc/stdlib/calloc.c @@ -32,11 +32,13 @@ */ #if defined(LIBC_SCCS) && !defined(lint) -static char *rcsid = "$OpenBSD: calloc.c,v 1.5 1999/11/10 20:12:31 millert Exp $"; +static char *rcsid = "$OpenBSD: calloc.c,v 1.5.10.1 2002/07/30 14:51:20 jason Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include +#include +#include void * calloc(num, size) @@ -45,6 +47,10 @@ calloc(num, size) { register void *p; + if (SIZE_T_MAX / num < size) { + errno = ENOMEM; + return NULL; + } size *= num; p = malloc(size); if (p)