Print this page
4922 all calloc() implementations should check for overflow

Split Close
Expand all
Collapse all
          --- old/usr/src/lib/libmapmalloc/common/calloc.c
          +++ new/usr/src/lib/libmapmalloc/common/calloc.c
↓ open down ↓ 16 lines elided ↑ open up ↑
  17   17   * information: Portions Copyright [yyyy] [name of copyright owner]
  18   18   *
  19   19   * CDDL HEADER END
  20   20   */
  21   21  
  22   22  /*
  23   23   * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  24   24   * Use is subject to license terms.
  25   25   */
  26   26  
  27      -#pragma ident   "%Z%%M% %I%     %E% SMI"
  28      -
  29   27  #include <stdlib.h>
  30   28  #include <string.h>
       29 +#include <errno.h>
       30 +
  31   31  /*
  32   32   * calloc - allocate and clear memory block
  33   33   */
  34   34  
  35   35  void *
  36   36  calloc(size_t num, size_t size)
  37   37  {
  38   38          void *mp;
       39 +        size_t total;
       40 +
       41 +        if (num == 0 || size == 0) {
       42 +                total = 0;
       43 +        } else {
       44 +                total = num * size;
       45 +
       46 +                /* check for overflow */
       47 +                if ((total / num) != size) {
       48 +                        errno = ENOMEM;
       49 +                        return (NULL);
       50 +                }
       51 +        }
  39   52  
  40      -        num *= size;
  41      -        mp = malloc(num);
       53 +        mp = malloc(total);
  42   54          if (mp == NULL)
  43   55                  return (NULL);
  44      -        (void) memset(mp, 0, num);
       56 +        (void) memset(mp, 0, total);
  45   57          return (mp);
  46   58  }
  47   59  
  48   60  /*ARGSUSED*/
  49   61  void
  50   62  cfree(void *p, size_t num, size_t size)
  51   63  {
  52   64          free(p);
  53   65  }
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX