Print this page
4922 all calloc() implementations should check for overflow

*** 205,219 **** void * calloc(size_t num, size_t size) { void * mp; ! num *= size; ! if ((mp = malloc(num)) == NULL) return (NULL); ! (void) memset(mp, 0, num); return (mp); } void * realloc(void *ptr, size_t size) --- 205,231 ---- void * calloc(size_t num, size_t size) { void * mp; + size_t total; ! if (num == 0 || size == 0) { ! total = 0; ! } else { ! total = num * size; ! ! /* check for overflow */ ! if ((total / num) != size) { ! errno = ENOMEM; return (NULL); ! } ! } ! ! if ((mp = malloc(total)) == NULL) ! return (NULL); ! (void) memset(mp, 0, total); return (mp); } void * realloc(void *ptr, size_t size)