| author | Edward Thomson <ethomson@microsoft.com> | 2015-02-09 23:41:13 -0500 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2015-02-12 22:54:46 -0500 |
| commit | 392702ee2c88d7d8aaff25f7a84acb73606f9094 (patch) | |
| tree | 97a66fe6e488797c6a9c2680ccb31964f61fe340 /src/common.h | |
| parent | d24a5312d8ab6d3cdb259e450ec9f1e2e6f3399d (diff) | |
| download | libgit2-392702ee2c88d7d8aaff25f7a84acb73606f9094.tar.gz | |
allocations: test for overflow of requested size
Introduce some helper macros to test integer overflow from arithmetic
and set error message appropriately.
Diffstat (limited to 'src/common.h')
| -rw-r--r-- | src/common.h | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/common.h b/src/common.h
index 4b4a99775..b53798eaf 100644
--- a/src/common.h
+++ b/src/common.h
@@ -174,6 +174,28 @@ GIT_INLINE(void) git__init_structure(void *structure, size_t len, unsigned int v
 GITERR_CHECK_VERSION(&(VERSION), _tmpl.version, #TYPE); \
 memcpy((PTR), &_tmpl, sizeof(_tmpl)); } while (0)
+/** Check for integer overflow from addition or multiplication */
+#define GIT_ALLOC_OVERFLOW_ADD(one, two) \
+ ((one) + (two) < (one))
+
+/** Check for integer overflow from multiplication */
+#define GIT_ALLOC_OVERFLOW_MULTIPLY(one, two) \
+ (one && ((one) * (two)) / (one) != (two))
+
+/** Check for additive overflow, failing if it would occur. */
+#define GITERR_CHECK_ALLOC_ADD(one, two) \
+ if (GIT_ALLOC_OVERFLOW_ADD(one, two)) { \
+ giterr_set_oom(); \
+ return -1; \
+ }
+
+/** Check for multiplicative overflow, failing if it would occur. */
+#define GITERR_CHECK_ALLOC_MULTIPLY(nelem, elsize) \
+ if (GIT_ALLOC_OVERFLOW_MULTIPLY(nelem, elsize)) { \
+ giterr_set_oom(); \
+ return -1; \
+ }
+
 /* NOTE: other giterr functions are in the public errors.h header file */
 #include "util.h" |
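Review bot: `GIT_ALLOC_OVERFLOW_ADD` and `GIT_ALLOC_OVERFLOW_MULTIPLY` only detect overflow when both operands are unsigned and at least as wide as `int` (in practice `size_t`), because they test for wraparound after the arithmetic has been done; with signed operands the overflow is undefined behaviour and the compiler may drop the test, and with narrower types integer promotion means the result never wraps. Nothing in the macros enforces or documents that requirement, so I would state it in the doc comments, e.g. `/** Check for size_t overflow from addition; both operands must be size_t */` (the first comment also says "addition or multiplication" on the add-only macro). In `GIT_ALLOC_OVERFLOW_MULTIPLY` the first use of `one` is unparenthesised; `((one) && ((one) * (two)) / (one) != (two))` keeps the expansion correct for arguments such as `a ? b : c`. Both `GITERR_CHECK_ALLOC_*` macros expand to a bare `if { … }`, which will capture an `else` that follows the call site; wrapping the body in `do { … } while (0)`, as the macro ending in the context lines just above does, avoids that. All four macros evaluate their arguments more than once, so the comments should also tell callers not to pass expressions with side effects.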
