summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--libvirt-override.c1
-rw-r--r--libvirt-utils.h15
2 files changed, 16 insertions, 0 deletions
diff --git a/libvirt-override.c b/libvirt-override.c
index f459602..cb78e0d 100644
--- a/libvirt-override.c
+++ b/libvirt-override.c
@@ -20,6 +20,7 @@
#include <Python.h>
#include <libvirt/libvirt.h>
#include <libvirt/virterror.h>
+#include <stddef.h>
#include "typewrappers.h"
#include "build/libvirt.h"
#include "libvirt-utils.h"
diff --git a/libvirt-utils.h b/libvirt-utils.h
index aed64e6..c1223fd 100644
--- a/libvirt-utils.h
+++ b/libvirt-utils.h
@@ -28,4 +28,19 @@
# define MIN(a,b) (((a) < (b)) ? (a) : (b))
# endif
+/* Return 1 if an array of N objects, each of size S, cannot exist due
+ to size arithmetic overflow. S must be positive and N must be
+ nonnegative. This is a macro, not a function, so that it
+ works correctly even when SIZE_MAX < N.
+
+ By gnulib convention, SIZE_MAX represents overflow in size
+ calculations, so the conservative dividend to use here is
+ SIZE_MAX - 1, since SIZE_MAX might represent an overflowed value.
+ However, malloc (SIZE_MAX) fails on all known hosts where
+ sizeof (ptrdiff_t) <= sizeof (size_t), so do not bother to test for
+ exactly-SIZE_MAX allocations on such hosts; this avoids a test and
+ branch when S is known to be 1. */
+# define xalloc_oversized(n, s) \
+ ((size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) < (n))
+
#endif /* __LIBVIRT_UTILS_H__ */