authorWerner Koch <wk@gnupg.org>2002-12-09 10:43:45 +0000
committerWerner Koch <wk@gnupg.org>2002-12-09 10:43:45 +0000
commitef9102eb4ed03a863c7d9088d74334b8b94dc5c7 (patch)
treee334c90a9691c7f78c7cdaa6bda71444fe1ce8ad /src
parentf02f6b7e1fd2f51f916e29bccdcd89f26d620a3b (diff)
* global.c (gcry_calloc,gcry_calloc_secure): Check for overflow.
Noted by Florian Weimer.
Diffstat (limited to 'src')
-rw-r--r--src/ChangeLog5
-rw-r--r--src/gcrypt.h2
-rw-r--r--src/global.c42
3 files changed, 38 insertions, 11 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index 1b5994e5..1ace0637 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2002-12-09 Werner Koch <wk@gnupg.org>
+
+ * global.c (gcry_calloc,gcry_calloc_secure): Check for overflow.
+ Noted by Florian Weimer.
+
2002-11-10 Simon Josefsson <jas@extundo.com>
* gcrypt.h (gcry_ctl_cmds): New GCRYCTL_SET_CBC_CTS control flag.
diff --git a/src/gcrypt.h b/src/gcrypt.h
index b301b71b..85049790 100644
--- a/src/gcrypt.h
+++ b/src/gcrypt.h
@@ -37,7 +37,7 @@ extern "C" {
autoconf (using the AM_PATH_GCRYPT macro) check that this header
matches the installed library. Note: Do not edit the next line as
configure may fix the string here. */
-#define GCRYPT_VERSION "1.1.10"
+#define GCRYPT_VERSION "1.1.11"
/* Internal: We can't to use the convenience macros for the multi
precision integer functions when building this library. */
diff --git a/src/global.c b/src/global.c
index 20e74a10..1a6ff509 100644
--- a/src/global.c
+++ b/src/global.c
@@ -25,6 +25,8 @@
#include <stdarg.h>
#include <ctype.h>
#include <assert.h>
+#include <limits.h>
+#include <errno.h>
#include "g10lib.h"
#include "cipher.h"
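Review bot: Of the two headers added here, only `<errno.h>` has a visible use: the later hunk of this file sets `errno = ENOMEM`. Nothing in the visible hunks uses a `<limits.h>` macro, because the overflow test works by dividing the product back rather than comparing against a maximum. If no other part of global.c needs it, the `#include <limits.h>` line can be dropped; otherwise a short comment naming the macro it is there for would help.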
@@ -438,21 +440,41 @@ gcry_free( void *p )
}
void *
-gcry_calloc( size_t n, size_t m )
+gcry_calloc (size_t n, size_t m)
{
- void *p = gcry_malloc( n*m );
- if( p )
- memset( p, 0, n*m );
- return p;
+ size_t bytes;
+ void *p;
+
+ bytes = n * m; /* size_t is unsigned so the behavior on overflow is defined. */
+ if (m && bytes / m != n)
+ {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ p = gcry_malloc (bytes);
+ if (p)
+ memset (p, 0, bytes);
+ return p;
}
void *
-gcry_calloc_secure( size_t n, size_t m )
+gcry_calloc_secure (size_t n, size_t m)
{
- void *p = gcry_malloc_secure( n*m );
- if( p )
- memset( p, 0, n*m );
- return p;
+ size_t bytes;
+ void *p;
+
+ bytes = n * m; /* size_t is unsigned so the behavior on overflow is defined. */
+ if (m && bytes / m != n)
+ {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ p = gcry_malloc_secure (bytes);
+ if (p)
+ memset (p, 0, bytes);
+ return p;
}
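Review bot: The wrap-around guard `if (m && bytes / m != n)` is duplicated verbatim in gcry_calloc and gcry_calloc_secure, so a later edit to one copy can leave the other allocating a buffer smaller than the caller asked for. Moving the multiply-and-check into one static helper that both functions call keeps them in step. Any other wrapper in global.c that passes `n*m` to an allocator (none is visible in this hunk) could reuse it. Each function also deserves a comment stating that NULL is returned with errno set to ENOMEM when n*m does not fit in size_t, since callers cannot tell that from the signature.

```c
/* Store N*M in *R_BYTES; return nonzero if the product wrapped around. */
static int
calloc_size_overflows (size_t n, size_t m, size_t *r_bytes)
{
  *r_bytes = n * m; /* size_t is unsigned, so wrap-around is defined. */
  return m && *r_bytes / m != n;
}

void *
gcry_calloc (size_t n, size_t m)
{
  size_t bytes;
  void *p;

  if (calloc_size_overflows (n, m, &bytes))
    {
      errno = ENOMEM;
      return NULL;
    }
  /* … unchanged: gcry_malloc (bytes), memset, return p … */
}

/* … gcry_calloc_secure: same guard, then the unchanged gcry_malloc_secure path … */
```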