diff options
author | Florian Weimer <fweimer@redhat.com> | 2014-02-03 16:48:01 -0800 |
---|---|---|
committer | Ingy döt Net <ingy@ingy.net> | 2016-10-15 15:36:43 -0700 |
commit | 12bb0c81066d130055a2189d07fe1894ff4ffdd0 (patch) | |
tree | 6e2645a2d5d7a74b82205338cb9da26618c65b24 | |
parent | 6db69c72d4823a95c8feddaaa4380d13cf02939c (diff) | |
download | libyaml-git-12bb0c81066d130055a2189d07fe1894ff4ffdd0.tar.gz |
yaml_stack_extend: guard against integer overflowinteger-overflow
-rw-r--r-- | src/api.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -117,7 +117,12 @@ yaml_string_join( YAML_DECLARE(int) yaml_stack_extend(void **start, void **top, void **end) { - void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2); + void *new_start; + + if ((char *)*end - (char *)*start >= INT_MAX / 2) + return 0; + + new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2); if (!new_start) return 0; |