From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 20 Sep 2012 15:53:03 +0000 (+0200)
Subject: util: fix overflow checks
X-Git-Tag: v190~6
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=aa408e7799cf01f048efedf434916544b4badc77;hp=3f8cc098d218525710e5cbad9adf37001d3b6060;ds=sidebyside

util: fix overflow checks
---

diff --git a/src/shared/util.c b/src/shared/util.c
index 02ee6374c..be94515d9 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1184,7 +1184,7 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
         assert(suffix);
 
         a = strlen(s);
-        if ((size_t) -1 - a > b)
+        if (b > ((size_t) -1) - a)
                 return NULL;
 
         r = new(char, a+b+1);
diff --git a/src/shared/util.h b/src/shared/util.h
index 2e49cfde2..e1d4735ee 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -545,14 +545,14 @@ void closedirp(DIR **d);
 void umaskp(mode_t *u);
 
 _malloc_  static inline void *malloc_multiply(size_t a, size_t b) {
-        if (_unlikely_(a > ((size_t) -1) / b))
+        if (_unlikely_(b == 0 || a > ((size_t) -1) / b))
                 return NULL;
 
         return malloc(a * b);
 }
 
 _malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
-        if (_unlikely_(a > ((size_t) -1) / b))
+        if (_unlikely_(b == 0 || a > ((size_t) -1) / b))
                 return NULL;
 
         return memdup(p, a * b);