Print this page
4922 all calloc() implementations should check for overflow
*** 329,339 ****
void *
calloc(size_t nelem, size_t bytes)
{
void * ptr;
! size_t size = nelem * bytes;
ptr = malloc(size);
if (ptr == NULL)
return (NULL);
(void) memset(ptr, 0, size);
--- 329,351 ----
void *
calloc(size_t nelem, size_t bytes)
{
void * ptr;
! size_t size;
!
! if (nelem == 0 || bytes == 0) {
! size = 0;
! } else {
! size = nelem * bytes;
!
! /* check for overflow */
! if ((size / nelem) != bytes) {
! errno = ENOMEM;
! return (NULL);
! }
! }
ptr = malloc(size);
if (ptr == NULL)
return (NULL);
(void) memset(ptr, 0, size);