From cbec7032ee36346649fc5ebecc4b1c01f01178f1 Mon Sep 17 00:00:00 2001 From: Scarlett Date: Thu, 15 Jan 2015 19:38:11 +0900 Subject: Add overflow detection Origin: http://marc.info/?l=openbsd-ports&m=142090828929750&w=2 * main.c: Call exit(1) when out of memory to avoid dereferencing null pointers when gc's malloc fails. * alloc.h: Replacements for w3m's allocation macros which add overflow detection and concentrate the macros in one file. * indep.h, libwc/charset.c, libwc/status.c, matrix.c: Use the overflow-detecting allocation macros from alloc.h. --- alloc.h | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 alloc.h (limited to 'alloc.h') diff --git a/alloc.h b/alloc.h new file mode 100644 index 0000000..7d23414 --- /dev/null +++ b/alloc.h @@ -0,0 +1,39 @@ +/* + * by Scarlett. public domain. + * replacements for w3m's allocation macros which add overflow + * detection and concentrate the macros in one file + */ +#ifndef W3_ALLOC_H +#define W3_ALLOC_H +#include +#include +#include +#include + +static inline size_t +z_mult_no_oflow_(size_t n, size_t size) +{ + if (size != 0 && n > SIZE_MAX / size) { + fprintf(stderr, + "w3m: overflow in malloc, %zu*%zu\n", n, size); + exit(1); + } + return n * size; +} + +#define New(type) \ + (GC_MALLOC(sizeof(type))) + +#define NewAtom(type) \ + (GC_MALLOC_ATOMIC(sizeof(type))) + +#define New_N(type, n) \ + (GC_MALLOC(z_mult_no_oflow_((n), sizeof(type)))) + +#define NewAtom_N(type, n) \ + (GC_MALLOC_ATOMIC(z_mult_no_oflow_((n), sizeof(type)))) + +#define New_Reuse(type, ptr, n) \ + (GC_REALLOC((ptr), z_mult_no_oflow_((n), sizeof(type)))) + +#endif /* W3_ALLOC_H */ -- cgit v1.2.3