Module Name: src
Committed By: riastradh
Date: Sat Aug 12 12:47:17 UTC 2023
Modified Files:
src/lib/libc/gen: vis.c
Log Message:
vis(3): Avoid arithmetic overflow before calloc(3).
Prompted by PR lib/57573.
XXX pullup-10
XXX pullup-9
XXX pullup-8
To generate a diff of this commit:
cvs rdiff -u -r1.78 -r1.79 src/lib/libc/gen/vis.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libc/gen/vis.c
diff -u src/lib/libc/gen/vis.c:1.78 src/lib/libc/gen/vis.c:1.79
--- src/lib/libc/gen/vis.c:1.78 Sat Aug 12 12:46:50 2023
+++ src/lib/libc/gen/vis.c Sat Aug 12 12:47:17 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: vis.c,v 1.78 2023/08/12 12:46:50 riastradh Exp $ */
+/* $NetBSD: vis.c,v 1.79 2023/08/12 12:47:17 riastradh Exp $ */
/*-
* Copyright (c) 1989, 1993
@@ -57,7 +57,7 @@
#include <sys/cdefs.h>
#if defined(LIBC_SCCS) && !defined(lint)
-__RCSID("$NetBSD: vis.c,v 1.78 2023/08/12 12:46:50 riastradh Exp $");
+__RCSID("$NetBSD: vis.c,v 1.79 2023/08/12 12:47:17 riastradh Exp $");
#endif /* LIBC_SCCS and not lint */
#ifdef __FBSDID
__FBSDID("$FreeBSD$");
@@ -432,6 +432,14 @@ istrsenvisx(char **mbdstp, size_t *dlen,
* return to the caller.
*/
+ /*
+ * Guarantee the arithmetic on input to calloc won't overflow.
+ */
+ if (mbslength > (SIZE_MAX - 1)/16) {
+ errno = ENOMEM;
+ return -1;
+ }
+
/* Allocate space for the wide char strings */
psrc = pdst = extra = NULL;
mdst = NULL;
