diff options
author | Sumit Bose <sbose@redhat.com> | 2010-12-07 17:01:04 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-11 12:21:09 -0500 |
commit | c66343eaa0da0b61ec6d10853170d4fc38be3b04 (patch) | |
tree | a9d596d605af747ed33d5d1875064c1a9e08c7d3 | |
parent | 82e5f65e0447afe750719969cd8d74befe1ea00b (diff) | |
download | sssd2-sssd-1-3.tar.gz sssd2-sssd-1-3.tar.xz sssd2-sssd-1-3.zip |
Add overflow check to SAFEALIGN_COPY_*_CHECK macrossssd-1-3
-rw-r--r-- | src/util/util.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/util/util.h b/src/util/util.h index 7bb29450..5a6bd0fd 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -199,12 +199,14 @@ safealign_memcpy(void *dest, const void *src, size_t n, size_t *counter) SAFEALIGN_SET_VALUE(dest, value, int32_t, pctr) #define SAFEALIGN_COPY_UINT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(uint32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(uint32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(uint32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(uint32_t), pctr); \ } while(0) #define SAFEALIGN_COPY_INT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(int32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(int32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(int32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(int32_t), pctr); \ } while(0) |