Print this page
4922 all calloc() implementations should check for overflow
*** 25,44 ****
*/
/* Copyright (c) 1988 AT&T */
/* All Rights Reserved */
- #pragma ident "%Z%%M% %I% %E% SMI"
-
#include <sys/types.h>
#ifndef debug
#define NDEBUG
#endif
#include <stdlib.h>
#include <string.h>
#include "assert.h"
#include "malloc.h"
#include "mallint.h"
#include <thread.h>
#include <pthread.h>
--- 25,43 ----
*/
/* Copyright (c) 1988 AT&T */
/* All Rights Reserved */
#include <sys/types.h>
#ifndef debug
#define NDEBUG
#endif
#include <stdlib.h>
#include <string.h>
+ #include <errno.h>
#include "assert.h"
#include "malloc.h"
#include "mallint.h"
#include <thread.h>
#include <pthread.h>
*** 843,858 ****
void *
calloc(size_t num, size_t size)
{
char *mp;
! num *= size;
! mp = malloc(num);
if (mp == NULL)
return (NULL);
! (void) memset(mp, 0, num);
return (mp);
}
/*
--- 842,869 ----
void *
calloc(size_t num, size_t size)
{
char *mp;
+ size_t total;
+
+ if (num == 0 || size == 0) {
+ total = 0;
+ } else {
+ total = num * size;
+
+ /* check for overflow */
+ if ((total / num) != size) {
+ errno = ENOMEM;
+ return (NULL);
+ }
+ }
! mp = malloc(total);
if (mp == NULL)
return (NULL);
! (void) memset(mp, 0, total);
return (mp);
}
/*