8597553f96
- Support an arbitrary number of search domains (#168253) - Detect and apply /etc/resolv.conf changes in libresolv (#1374239) - CVE-2015-5180: DNS stub resolver crash with crafted record type (#1251403)
38 lines
1.3 KiB
Diff
38 lines
1.3 KiB
Diff
Add the check_mul_overflow_size_t function from this upstream commit:
|
|
|
|
commit 2e0bbbfbf95fc9e22692e93658a6fbdd2d4554da
|
|
Author: Dennis Wölfing <denniswoelfing@gmx.de>
|
|
Date: Tue May 30 18:26:19 2017 -0300
|
|
|
|
Add reallocarray function
|
|
|
|
diff --git a/malloc/malloc-internal.h b/malloc/malloc-internal.h
|
|
index de6103d7e1e06799..dbd801a58eeceabf 100644
|
|
--- a/malloc/malloc-internal.h
|
|
+++ b/malloc/malloc-internal.h
|
|
@@ -81,5 +81,24 @@ void __malloc_fork_unlock_parent (void) internal_function attribute_hidden;
|
|
/* Called in the child process after a fork. */
|
|
void __malloc_fork_unlock_child (void) internal_function attribute_hidden;
|
|
|
|
+/* Set *RESULT to LEFT * RIGHT. Return true if the multiplication
|
|
+ overflowed. */
|
|
+static inline bool
|
|
+check_mul_overflow_size_t (size_t left, size_t right, size_t *result)
|
|
+{
|
|
+#if __GNUC__ >= 5
|
|
+ return __builtin_mul_overflow (left, right, result);
|
|
+#else
|
|
+ /* size_t is unsigned so the behavior on overflow is defined. */
|
|
+ *result = left * right;
|
|
+ size_t half_size_t = ((size_t) 1) << (8 * sizeof (size_t) / 2);
|
|
+ if (__glibc_unlikely ((left | right) >= half_size_t))
|
|
+ {
|
|
+ if (__glibc_unlikely (right != 0 && *result / right != left))
|
|
+ return true;
|
|
+ }
|
|
+ return false;
|
|
+#endif
|
|
+}
|
|
|
|
#endif /* _MALLOC_INTERNAL_H */
|