[svn] gcry - r1156 - branches/LIBGCRYPT-1-2-BRANCH/src

svn author wk cvs at cvs.gnupg.org
Wed Jun 21 11:16:03 CEST 2006 

Author: wk
Date: 2006-06-21 11:16:02 +0200 (Wed, 21 Jun 2006)
New Revision: 1156

Modified:
   branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
   branches/LIBGCRYPT-1-2-BRANCH/src/global.c
Log:
Made gxry_xcalloc safe against integer overflow.


Modified: branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog	2006-06-08 11:49:38 UTC (rev 1155)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog	2006-06-21 09:16:02 UTC (rev 1156)
@@ -1,3 +1,8 @@
+2006-06-21  Werner Koch  <wk at g10code.com>
+
+	* global.c (gcry_xcalloc, gcry_xcalloc_secure): made safe against
+	integer overflow.
+
 2005-06-17  Moritz Schulte  <moritz at g10code.com>
 
 	* global.c (gcry_xstrdup): Removed superfluous strcpy call.

Modified: branches/LIBGCRYPT-1-2-BRANCH/src/global.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/global.c	2006-06-08 11:49:38 UTC (rev 1155)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/global.c	2006-06-21 09:16:02 UTC (rev 1156)
@@ -1,6 +1,6 @@
 /* global.c  -	global control functions
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *               2004, 2005  Free Software Foundation, Inc.
+ *               2004, 2005, 2006  Free Software Foundation, Inc.
  *
  * This file is part of Libgcrypt.
  *
@@ -600,17 +600,37 @@
 void *
 gcry_xcalloc( size_t n, size_t m )
 {
-    void *p = gcry_xmalloc( n*m );
-    memset( p, 0, n*m );
-    return p;
+  size_t nbytes;
+  void *p;
+
+  nbytes = n * m; 
+  if (m && nbytes / m != n) 
+    {
+      errno = ENOMEM;
+      _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
+    }
+
+  p = gcry_xmalloc ( nbytes );
+  memset ( p, 0, nbytes );
+  return p;
 }
 
 void *
 gcry_xcalloc_secure( size_t n, size_t m )
 {
-    void *p = gcry_xmalloc_secure( n* m );
-    memset( p, 0, n*m );
-    return p;
+  size_t nbytes;
+  void *p;
+
+  nbytes = n * m; 
+  if (m && nbytes / m != n) 
+    {
+      errno = ENOMEM;
+      _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
+    }
+
+  p = gcry_xmalloc_secure ( nbytes );
+  memset ( p, 0, nbytes );
+  return p;
 }
 
 char *

More information about the Gnupg-commits mailing list