summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2010-12-07 17:01:04 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-01-11 12:17:53 -0500
commit86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8 (patch)
treeb3b3d0aa58235274fb07d8436170a9fe9541d940
parentf15683b4b100351e24e305d25bd4785c79ac8f55 (diff)
downloadsssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.tar.gz
sssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.tar.xz
sssd_unused-86aa3e41afb1b47b59ddfbd52b84b977bb1bb2f8.zip
Add overflow check to SAFEALIGN_COPY_*_CHECK macros
-rw-r--r--src/util/util.h9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/util/util.h b/src/util/util.h
index ee229347..61fe7f6c 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -215,17 +215,20 @@ safealign_memcpy(void *dest, const void *src, size_t n, size_t *counter)
SAFEALIGN_SET_VALUE(dest, value, uint16_t, pctr)
#define SAFEALIGN_COPY_UINT32_CHECK(dest, src, len, pctr) do { \
- if ((*(pctr) + sizeof(uint32_t)) > (len)) return EINVAL; \
+ if ((*(pctr) + sizeof(uint32_t)) > (len) || \
+ SIZE_T_OVERFLOW(*(pctr), sizeof(uint32_t))) return EINVAL; \
safealign_memcpy(dest, src, sizeof(uint32_t), pctr); \
} while(0)
#define SAFEALIGN_COPY_INT32_CHECK(dest, src, len, pctr) do { \
- if ((*(pctr) + sizeof(int32_t)) > (len)) return EINVAL; \
+ if ((*(pctr) + sizeof(int32_t)) > (len) || \
+ SIZE_T_OVERFLOW(*(pctr), sizeof(int32_t))) return EINVAL; \
safealign_memcpy(dest, src, sizeof(int32_t), pctr); \
} while(0)
#define SAFEALIGN_COPY_UINT16_CHECK(dest, src, len, pctr) do { \
- if ((*(pctr) + sizeof(uint16_t)) > (len)) return EINVAL; \
+ if ((*(pctr) + sizeof(uint16_t)) > (len) || \
+ SIZE_T_OVERFLOW(*(pctr), sizeof(uint16_t))) return EINVAL; \
safealign_memcpy(dest, src, sizeof(uint16_t), pctr); \
} while(0)