alloc-util: add extra overflow checks to GREEDY_REALLOC()

author: Lennart Poettering <lennart@poettering.net> 2019-03-20 10:31:13 +0100
committer: Lennart Poettering <lennart@poettering.net> 2019-03-20 10:48:33 +0100
commit: 23964f7faf86df7fd297dc5b0a9f1dfb03a0eb56 (patch)
tree: 718e6c40ec7f7a2bdf2223905188c1818f7654e6 /src/basic/alloc-util.c
parent: e5e21a05076e60fe46eab4eb040735250ae3b814 (diff)
download: systemd-23964f7faf86df7fd297dc5b0a9f1dfb03a0eb56.tar.gz
1 files changed, 8 insertions, 4 deletions
diff --git a/src/basic/alloc-util.c b/src/basic/alloc-util.c
index 15b67665d2..f4bd33f4e0 100644
--- a/src/basic/alloc-util.c
+++ b/src/basic/alloc-util.c
@@ -48,13 +48,17 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size) {
         if (*allocated >= need)
                 return *p;
 
-        newalloc = MAX(need * 2, 64u / size);
-        a = newalloc * size;
+        if (_unlikely_(need > SIZE_MAX/2)) /* Overflow check */
+                return NULL;
 
-        /* check for overflows */
-        if (a < size * need)
+        newalloc = need * 2;
+        if (size_multiply_overflow(newalloc, size))
                 return NULL;
 
+        a = newalloc * size;
+        if (a < 64) /* Allocate at least 64 bytes */
+                a = 64;
+
         q = realloc(*p, a);
         if (!q)
                 return NULL;
author	Lennart Poettering <lennart@poettering.net>	2019-03-20 10:31:13 +0100
committer	Lennart Poettering <lennart@poettering.net>	2019-03-20 10:48:33 +0100
commit	23964f7faf86df7fd297dc5b0a9f1dfb03a0eb56 (patch)
tree	718e6c40ec7f7a2bdf2223905188c1818f7654e6 /src/basic/alloc-util.c
parent	e5e21a05076e60fe46eab4eb040735250ae3b814 (diff)
download	systemd-23964f7faf86df7fd297dc5b0a9f1dfb03a0eb56.tar.gz