diff options
author | Sumit Bose <sbose@redhat.com> | 2010-12-07 17:01:04 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-01-11 12:17:53 -0500 |
commit | 86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8 (patch) | |
tree | b3b3d0aa58235274fb07d8436170a9fe9541d940 | |
parent | f15683b4b100351e24e305d25bd4785c79ac8f55 (diff) | |
download | sssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.tar.gz sssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.tar.xz sssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.zip |
Add overflow check to SAFEALIGN_COPY_*_CHECK macros
-rw-r--r-- | src/util/util.h | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/util/util.h b/src/util/util.h index ee229347..61fe7f6c 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -215,17 +215,20 @@ safealign_memcpy(void *dest, const void *src, size_t n, size_t *counter) SAFEALIGN_SET_VALUE(dest, value, uint16_t, pctr) #define SAFEALIGN_COPY_UINT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(uint32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(uint32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(uint32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(uint32_t), pctr); \ } while(0) #define SAFEALIGN_COPY_INT32_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(int32_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(int32_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(int32_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(int32_t), pctr); \ } while(0) #define SAFEALIGN_COPY_UINT16_CHECK(dest, src, len, pctr) do { \ - if ((*(pctr) + sizeof(uint16_t)) > (len)) return EINVAL; \ + if ((*(pctr) + sizeof(uint16_t)) > (len) || \ + SIZE_T_OVERFLOW(*(pctr), sizeof(uint16_t))) return EINVAL; \ safealign_memcpy(dest, src, sizeof(uint16_t), pctr); \ } while(0) |