diff options
author | Sumit Bose <sbose@redhat.com> | 2010-12-07 17:01:04 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-11 12:20:49 -0500 |
commit | 7fba78363dacbec0c8c5a22ad61fdf5f8f7bb91f (patch) | |
tree | 21ca35656ad824370cd12a15ac0238b201d6bef9 | |
parent | 23853875acc9d6c41ff1667c491492b1a34a99cc (diff) | |
download | sssd2-7fba78363dacbec0c8c5a22ad61fdf5f8f7bb91f.tar.gz sssd2-7fba78363dacbec0c8c5a22ad61fdf5f8f7bb91f.tar.xz sssd2-7fba78363dacbec0c8c5a22ad61fdf5f8f7bb91f.zip |
Add overflow check to SAFEALIGN_COPY_*_CHECK macros
-rw-r--r-- | src/util/util.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/util/util.h b/src/util/util.h index 861bf48a..2b9faa09 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -200,12 +200,14 @@ safealign_memcpy(void *dest, const void *src, size_t n, size_t *counter) SAFEALIGN_SET_VALUE(dest, value, int32_t, pctr) #define SAFEALIGN_COPY_UINT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(uint32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(uint32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(uint32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(uint32_t), pctr); \ } while(0) #define SAFEALIGN_COPY_INT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(int32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(int32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(int32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(int32_t), pctr); \ } while(0) |