util: fix overflow checks

diff --git a/src/shared/util.c b/src/shared/util.c
index 02ee6374c33aa2f50bf9c777c557d823f6bec3b1..be94515d9d8740e852a8fa56ca461676d2456bd6 100644 (file)
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1184,7 +1184,7 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
         assert(suffix);
 
         a = strlen(s);
         assert(suffix);
 
         a = strlen(s);

-        if ((size_t) -1 - a > b)
+        if (b > ((size_t) -1) - a)

                 return NULL;
 
         r = new(char, a+b+1);
                 return NULL;
 
         r = new(char, a+b+1);

diff --git a/src/shared/util.h b/src/shared/util.h
index 2e49cfde2efda507b6546929387e129b3b15b409..e1d4735ee38dec94278118343fd89d6b0cba6e69 100644 (file)
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -545,14 +545,14 @@ void closedirp(DIR **d);
 void umaskp(mode_t *u);
 
 _malloc_  static inline void *malloc_multiply(size_t a, size_t b) {
 void umaskp(mode_t *u);
 
 _malloc_  static inline void *malloc_multiply(size_t a, size_t b) {

-        if (_unlikely_(a > ((size_t) -1) / b))
+        if (_unlikely_(b == 0 || a > ((size_t) -1) / b))

                 return NULL;
 
         return malloc(a * b);
 }
 
 _malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
                 return NULL;
 
         return malloc(a * b);
 }
 
 _malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {

-        if (_unlikely_(a > ((size_t) -1) / b))
+        if (_unlikely_(b == 0 || a > ((size_t) -1) / b))

                 return NULL;
 
         return memdup(p, a * b);
                 return NULL;
 
         return memdup(p, a * b);