From b7de36416b07d49df3bedbab2fc249db0972a438 Mon Sep 17 00:00:00 2001
From: weidai <weidai@57ff6487-cd31-0410-9ec3-f628ee90f5f0>
Date: Mon, 4 Aug 2003 19:00:41 +0000
Subject: guard against potential integer overflow in allocators

git-svn-id: svn://svn.code.sf.net/p/cryptopp/code/trunk/c5@128 57ff6487-cd31-0410-9ec3-f628ee90f5f0
---
 secblock.h | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'secblock.h')

diff --git a/secblock.h b/secblock.h
index d763bc5..821f5f7 100644
--- a/secblock.h
+++ b/secblock.h
@@ -32,7 +32,14 @@ public:
 	const_pointer address(const_reference r) const {return (&r); }
 	void construct(pointer p, const T& val) {new (p) T(val);}
 	void destroy(pointer p) {p->~T();}
-	size_type max_size() const {return size_type(-1)/sizeof(T);}
+	size_type max_size() const {return ~size_type(0)/sizeof(T);}	// switch to std::numeric_limits<T>::max later
+
+protected:
+	static void CheckSize(size_t n)
+	{
+		if (n > ~size_t(0) / sizeof(T))
+			throw InvalidArgument("AllocatorBase: requested size would cause integer overflow");
+	}
 };
 
 #define CRYPTOPP_INHERIT_ALLOCATOR_TYPES	\
@@ -72,10 +79,10 @@ public:
 
 	pointer allocate(size_type n, const void * = NULL)
 	{
-		if (n > 0)
-			return new T[n];
-		else
+		CheckSize(n);
+		if (n == 0)
 			return NULL;
+		return new T[n];
 	}
 
 	void deallocate(void *p, size_type n)
-- 
cgit v1.2.1