From 1232c44718b04024d1cccecb5c0ae75c311eaea3 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Fri, 27 Apr 2018 14:27:14 +0200
Subject: [PATCH] alloca: add an overflow check too
Of course, alloca() shouldn't be used with anything that can grow without bounds anyway, but let's better safe than sorry, and catch this early. Since alloca() is not supposed to return an error we trigger an assert() instead, which is still better than heap trickery.
---
src/basic/alloc-util.h | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h
index 88cd6b0bc25..bae6a284513 100644
--- a/src/basic/alloc-util.h
+++ b/src/basic/alloc-util.h
@@ -18,9 +18,17 @@
 #define new0(t, n) ((t*) calloc((n), sizeof(t)))
-#define newa(t, n) ((t*) alloca(sizeof(t)*(n)))
+#define newa(t, n) \
+ ({ \
+ assert(!size_multiply_overflow(sizeof(t), n)); \
+ (t*) alloca(sizeof(t)*(n)); \
+ })
-#define newa0(t, n) ((t*) alloca0(sizeof(t)*(n)))
+#define newa0(t, n) \
+ ({ \
+ assert(!size_multiply_overflow(sizeof(t), n)); \
+ (t*) alloca0(sizeof(t)*(n)); \
+ })
 #define newdup(t, p, n) ((t*) memdup_multiply(p, sizeof(t), (n)))
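Review bot: In both newa and newa0 the macro argument n is now evaluated twice, once in the added size_multiply_overflow() check and again in the sizeof(t)*(n) product, and it is unparenthesized in the check while parenthesized in the product, so a caller passing an expression with side effects runs it twice and the value that reaches alloca() is not necessarily the one that was checked. Binding the count once inside the statement expression, as below for newa, removes both problems; newa0 gets the same treatment with alloca0() in place of alloca(). The check is also only present where assert() is live: if this header is built with NDEBUG and assert() is the plain libc macro, the check expands to nothing and the unchecked product reaches alloca() exactly as before, which deserves a line in the commit message or a comment on the macro (this depends on how the project defines assert(), which is outside the hunk). Whether assert() and size_multiply_overflow() are already declared before this point in the header cannot be confirmed from the hunk, since the includes are outside it.
```c
#define newa(t, n) \
        ({ \
                size_t _n_ = (n); \
                assert(!size_multiply_overflow(sizeof(t), _n_)); \
                (t*) alloca(sizeof(t)*_n_); \
        })
/* … newa0: identical, with alloca0() in place of alloca() … */
```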