[gnutls-devel] GnuTLS | fix possible memory leakage (!1714)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Fri Feb 24 23:07:48 CET 2023
Daiki Ueno started a new discussion on src/serv.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1714#note_1292121419
> return GNUTLS_E_DB_ERROR;
> }
> cache_db_alloc = cache_db_alloc * 2 + 1;
> - cache_db = realloc(cache_db,
> - cache_db_alloc * sizeof(CACHE));
> - if (!cache_db)
> + ptr = realloc(cache_db,
I suggest using `xreallocarray` ([defined](https://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=blob;f=lib/xalloc.h;h=f373c2fe59959fbeda4a04a6297d59d735967d0b;hb=HEAD#l80) in "xalloc.h"), which checks integer overflow on the multiplication and also aborts the program when allocation fails.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1714#note_1292121419
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20230224/0e014005/attachment-0001.html>
More information about the Gnutls-devel
mailing list