allocations: test for overflow of requested size

Introduce some helper macros to test integer overflow from arithmetic and set error message appropriately.
author: Edward Thomson <ethomson@microsoft.com> 2015-02-09 23:41:13 -0500
committer: Edward Thomson <ethomson@edwardthomson.com> 2015-02-12 22:54:46 -0500
commit: 392702ee2c88d7d8aaff25f7a84acb73606f9094 (patch)
tree: 97a66fe6e488797c6a9c2680ccb31964f61fe340 /src/diff_patch.c
parent: d24a5312d8ab6d3cdb259e450ec9f1e2e6f3399d (diff)
download: libgit2-392702ee2c88d7d8aaff25f7a84acb73606f9094.tar.gz
1 files changed, 11 insertions, 1 deletions
diff --git a/src/diff_patch.c b/src/diff_patch.c
index a15107753..f5eecae66 100644
--- a/src/diff_patch.c
+++ b/src/diff_patch.c
@@ -388,8 +388,18 @@ static int diff_patch_with_delta_alloc(
 	diff_patch_with_delta *pd;
 	size_t old_len = *old_path ? strlen(*old_path) : 0;
 	size_t new_len = *new_path ? strlen(*new_path) : 0;
+	size_t alloc_len = sizeof(*pd);
 
-	*out = pd = git__calloc(1, sizeof(*pd) + old_len + new_len + 2);
+	GITERR_CHECK_ALLOC_ADD(alloc_len, old_len);
+	alloc_len += old_len;
+
+	GITERR_CHECK_ALLOC_ADD(alloc_len, new_len);
+	alloc_len += new_len;
+
+	GITERR_CHECK_ALLOC_ADD(alloc_len, 2);
+	alloc_len += 2;
+
+	*out = pd = git__calloc(1, alloc_len);
 	GITERR_CHECK_ALLOC(pd);
 
 	pd->patch.flags = GIT_DIFF_PATCH_ALLOCATED;
author	Edward Thomson <ethomson@microsoft.com>	2015-02-09 23:41:13 -0500
committer	Edward Thomson <ethomson@edwardthomson.com>	2015-02-12 22:54:46 -0500
commit	392702ee2c88d7d8aaff25f7a84acb73606f9094 (patch)
tree	97a66fe6e488797c6a9c2680ccb31964f61fe340 /src/diff_patch.c
parent	d24a5312d8ab6d3cdb259e450ec9f1e2e6f3399d (diff)
download	libgit2-392702ee2c88d7d8aaff25f7a84acb73606f9094.tar.gz