<div dir="auto">Looks good.</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Apr 20, 2021, 12:33 PM Sebastian Huber <<a href="mailto:sebastian.huber@embedded-brains.de">sebastian.huber@embedded-brains.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">The multiplication to calculate the length of the memory area to<br>
allocate may overflow. Return NULL in case of an overflow.<br>
<br>
Close #4389.<br>
---<br>
cpukit/libcsupport/src/calloc.c | 13 ++++++++++++-<br>
cpukit/libcsupport/src/rtemscalloc.c | 9 ++++++++-<br>
testsuites/libtests/malloctest/init.c | 23 +++++++++++++----------<br>
3 files changed, 33 insertions(+), 12 deletions(-)<br>
<br>
diff --git a/cpukit/libcsupport/src/calloc.c b/cpukit/libcsupport/src/calloc.c<br>
index e015f30d6c..693aa21453 100644<br>
--- a/cpukit/libcsupport/src/calloc.c<br>
+++ b/cpukit/libcsupport/src/calloc.c<br>
@@ -20,7 +20,10 @@<br>
<br>
#if defined(RTEMS_NEWLIB) && !defined(HAVE_CALLOC)<br>
#include <stdlib.h><br>
+<br>
+#include <errno.h><br>
#include <string.h><br>
+<br>
#include <rtems/score/basedefs.h><br>
<br>
void *calloc(<br>
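Review bot: The include block gains `<errno.h>`, but no `#include <stdint.h>` is visible here even though the next hunk starts using `SIZE_MAX`. The macro presumably arrives through `<rtems/score/basedefs.h>` or another header; that cannot be confirmed from this hunk. Adding `#include <stdint.h>` next to `<errno.h>` would keep the overflow guard compiling if those headers change. The same applies to rtemscalloc.c, where no include hunk is shown.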
@@ -31,7 +34,15 @@ void *calloc(<br>
void *cptr;<br>
size_t length;<br>
<br>
- length = nelem * elsize;<br>
+ if ( nelem == 0 ) {<br>
+ length = 0;<br>
+ } else if ( elsize > SIZE_MAX / nelem ) {<br>
+ errno = ENOMEM;<br>
+ return NULL;<br>
+ } else {<br>
+ length = nelem * elsize;<br>
+ }<br>
+<br>
cptr = malloc( length );<br>
RTEMS_OBFUSCATE_VARIABLE( cptr );<br>
if ( RTEMS_PREDICT_FALSE( cptr == NULL ) ) {<br>
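Review bot: The overflow guard added before `malloc( length )` is repeated almost verbatim in the rtems_calloc() hunk in rtemscalloc.c, differing only in the `errno = ENOMEM;` line. Two hand-maintained copies of a security-relevant size check can drift apart, so a small shared static inline helper that returns whether `nelem * elsize` fits in `size_t` would be safer. At minimum, add a comment above the branch such as `/* Reject nelem * elsize > SIZE_MAX; nelem == 0 is tested first so the division is safe */`. The body of calloc() continues outside this hunk.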
diff --git a/cpukit/libcsupport/src/rtemscalloc.c b/cpukit/libcsupport/src/rtemscalloc.c<br>
index 4e189e8367..836f1da64d 100644<br>
--- a/cpukit/libcsupport/src/rtemscalloc.c<br>
+++ b/cpukit/libcsupport/src/rtemscalloc.c<br>
@@ -46,7 +46,14 @@ void *rtems_calloc( size_t nelem, size_t elsize )<br>
size_t length;<br>
void *p;<br>
<br>
- length = nelem * elsize;<br>
+ if ( nelem == 0 ) {<br>
+ length = 0;<br>
+ } else if ( elsize > SIZE_MAX / nelem ) {<br>
+ return NULL;<br>
+ } else {<br>
+ length = nelem * elsize;<br>
+ }<br>
+<br>
p = rtems_malloc( length );<br>
RTEMS_OBFUSCATE_VARIABLE( p );<br>
if ( RTEMS_PREDICT_FALSE( p == NULL ) ) {<br>
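Review bot: The early `return NULL;` on overflow leaves errno untouched, whereas the matching branch in calloc() sets `ENOMEM`, and nothing here explains the difference. The new test in malloctest/init.c asserts `errno == 0` after `rtems_calloc(SIZE_MAX, SIZE_MAX)`, so this looks deliberate. A one-line comment such as `/* Overflow is reported like allocation failure; rtems_calloc() does not set errno */` would stop a later cleanup from aligning the two. The function body continues outside this hunk.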
diff --git a/testsuites/libtests/malloctest/init.c b/testsuites/libtests/malloctest/init.c<br>
index 1d91385683..4d0f421c02 100644<br>
--- a/testsuites/libtests/malloctest/init.c<br>
+++ b/testsuites/libtests/malloctest/init.c<br>
@@ -1190,6 +1190,14 @@ static void test_rtems_calloc(void)<br>
rtems_test_assert(p == NULL);<br>
rtems_test_assert(errno == 0);<br>
<br>
+#pragma GCC diagnostic push<br>
+#pragma GCC diagnostic ignored "-Walloc-size-larger-than=N"<br>
+ errno = 0;<br>
+ p = rtems_calloc(SIZE_MAX, SIZE_MAX);<br>
+ rtems_test_assert(p == NULL);<br>
+ rtems_test_assert(errno == 0);<br>
+#pragma GCC diagnostic pop<br>
+<br>
i = rtems_calloc(1, sizeof(*i));<br>
rtems_test_assert(i != NULL);<br>
rtems_test_assert(*i == 0);<br>
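Review bot: The only overflow case added to test_rtems_calloc() is the symmetric pair `rtems_calloc(SIZE_MAX, SIZE_MAX)`, whose wrapped product is 1. That does catch a missing guard, but it does not exercise the `elsize > SIZE_MAX / nelem` comparison with unequal operands. Consider adding, inside the same pragma region, `p = rtems_calloc(SIZE_MAX / 2 + 2, 2);` followed by `rtems_test_assert(p == NULL);`, whose product wraps to 2. The same extra case would fit the calloc() checks in Init().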
@@ -1313,22 +1321,17 @@ rtems_task Init(<br>
#pragma GCC diagnostic push<br>
#pragma GCC diagnostic ignored "-Walloc-size-larger-than=N"<br>
p1 = calloc( 1, SIZE_MAX );<br>
+ rtems_test_assert( p1 == NULL );<br>
+<br>
+ p1 = calloc( SIZE_MAX, SIZE_MAX );<br>
+ rtems_test_assert( p1 == NULL );<br>
#pragma GCC diagnostic pop<br>
- if (p1) {<br>
- printf("ERROR on attempt to calloc SIZE_MAX block expected failure.");<br>
- free( p1 );<br>
- }<br>
<br>
/*<br>
* Verify error case where malloc of size 0.<br>
*/<br>
p1 = malloc( 0 );<br>
- if (p1) {<br>
- printf("ERROR on attempt to malloc size 0 block expected failure.");<br>
- free( p1 );<br>
- }<br>
-<br>
-<br>
+ rtems_test_assert( p1 == NULL );<br>
<br>
test_heap_initialize();<br>
test_heap_block_allocate();<br>
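Review bot: The two calloc() overflow checks in this hunk assert only `p1 == NULL`, although the patched calloc() now sets `errno = ENOMEM` on the overflow path, so that part of the new behaviour is untested. Setting `errno = 0;` before `p1 = calloc( SIZE_MAX, SIZE_MAX );` and adding `rtems_test_assert( errno == ENOMEM );` after it would pin it down. Separately, `rtems_test_assert( p1 == NULL );` after `malloc( 0 )` turns an implementation-defined result into a hard requirement, and the old code's `free( p1 )` is gone; a brief comment that RTEMS malloc(0) is expected to return NULL would help. Init() starts and ends outside this hunk.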
-- <br>
2.26.2<br>
<br>
</blockquote></div>