Print this page
new smatch

*** 101,110 **** --- 101,112 ---- if (!blob || blob->left < size) { unsigned int offset, chunking = desc->chunking; struct allocation_blob *newblob = blob_alloc(chunking); if (!newblob) die("out of memory"); + if (size > chunking) + die("alloc too big"); desc->total_bytes += chunking; newblob->next = blob; blob = newblob; desc->blobs = newblob; offset = offsetof(struct allocation_blob, data);