Skip to content
This repository has been archived by the owner on Mar 15, 2019. It is now read-only.

Commit

Permalink
Avoid overflowing allocation size in CallMalloc()
Browse files Browse the repository at this point in the history 
The wraparound could happen if USE_MAGIC_HEADERS is enabled.
  • Loading branch information
@xiw
xiw committed Apr 14, 2012
1 parent 2965eca commit 1a75975
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion nedmalloc.c
View file
Expand Up @@ -328,7 +328,11 @@ static FORCEINLINE NEDMALLOCNOALIASATTR NEDMALLOCPTRATTR void *CallMalloc(void *
#if USE_MAGIC_HEADERS
size_t _alignment=alignment;
size_t *_ret=0;
size+=alignment+3*sizeof(size_t);
size_t bytes=size+alignment+3*sizeof(size_t);
/* Avoid addition overflow. */
if(bytes<size)
return 0;
size=bytes;
_alignment=0;
#endif
#if USE_ALLOCATOR==0
Expand Down

0 comments on commit 1a75975

Please sign in to comment.