Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
GitLab

Daiki Ueno commented on a discussion:

I've added checks for additions as well. Could you check?


_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
GitLab
Merge request !1392 was reviewed by Stanislav Židek

Stanislav Židek started a new discussion on lib/mem.h:

32
+void *_gnutls_reallocarray_fast(void *ptr, size_t nmemb, size_t size);
32 33
 
33 34
 void *_gnutls_calloc(size_t nmemb, size_t size);

Should we remove this function? Everything should use _gnutls_reallocarray.... Does initial _ indicate this is not part of API?


_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
In reply to this post by Read-only notification of GnuTLS library development activities
GitLab

Daiki Ueno commented on a discussion on lib/mem.h:

25 25
 
26 26
 #include <config.h>
27 27
 
28
-/* this realloc function will return ptr if size==0, and
29
- * will free the ptr if the new allocation failed.
28
+/* These realloc functions will return ptr if size==0, and will free
29
+ * the ptr if the new allocation failed.
30 30
  */
31 31
 void *gnutls_realloc_fast(void *ptr, size_t size);
32
+void *_gnutls_reallocarray_fast(void *ptr, size_t nmemb, size_t size);
32 33
 
33 34
 void *_gnutls_calloc(size_t nmemb, size_t size);

Well spotted, thanks!


_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
In reply to this post by Read-only notification of GnuTLS library development activities
GitLab

All discussions on Merge Request !1392 were resolved by Daiki Ueno


_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
In reply to this post by Read-only notification of GnuTLS library development activities
GitLab
Re: GnuTLS | build: avoid potential integer overflow in array allocation (!1392)
GitLab
✓ Merge request was scheduled to merge after pipeline succeeds
 
Merge request icon Merge request !1392 was scheduled to merge after pipeline succeeds by Avatar Daiki Ueno
 
Project gnutls / GnuTLS
Branch
Branch icon wip/dueno/reallocarray
Author
Avatar Daiki Ueno

_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
Reply | Threaded
Open this post in threaded view
|

Re: [gnutls-devel] GnuTLS | build: avoid potential integer overflow in array allocation (!1392)

Read-only notification of GnuTLS library development activities
In reply to this post by Read-only notification of GnuTLS library development activities
GitLab

Merge Request !1392 was merged


_______________________________________________
Gnutls-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel