3b825735d8
Stateless and I stumbled upon this issue while discussing the semantics of read, accepting a size_t but only being able to return ssize_t, effectively lacking the ability to report successful reads > SSIZE_MAX. The discussion went along and we came to the topic of input-based memory allocations. Basically, it was possible for the argument to a memory-allocation-function to overflow, leading to a segfault later. The OpenBSD-guys came up with the ingenious reallocarray-function, and I implemented it as ereallocarray, which automatically returns on error. Read more about it here[0]. A simple testcase is this (courtesy to stateless): $ sbase-strings -n (2^(32|64) / 4) This will segfault before this patch and properly return an OOM- situation afterwards (thanks to the overflow-check in reallocarray). [0]: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/calloc.3 |
||
|---|---|---|
| .. | ||
| agetcwd.c | ||
| apathmax.c | ||
| concat.c | ||
| cp.c | ||
| crypt.c | ||
| ealloc.c | ||
| enmasse.c | ||
| eprintf.c | ||
| eregcomp.c | ||
| estrtod.c | ||
| fnck.c | ||
| getlines.c | ||
| human.c | ||
| md5.c | ||
| mode.c | ||
| putword.c | ||
| reallocarray.c | ||
| recurse.c | ||
| rm.c | ||
| sha1.c | ||
| sha256.c | ||
| sha512.c | ||
| strcasestr.c | ||
| strlcat.c | ||
| strlcpy.c | ||
| strsep.c | ||
| strtonum.c | ||
| unescape.c | ||