This is the mail archive of the libc-hacker@sources.redhat.com mailing list for the glibc project.

Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.


Re: [PATCH] xdr_array and calloc security fix


Hi,

> +  /* size_t is unsigned so the behavior on overflow is defined.  */
> +  bytes = n * elem_size;
> +  if (bytes / elem_size != n) {
> +    MALLOC_FAILURE_ACTION;
> +    return 0;
> +  }
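
Review bot: `bytes / elem_size` in the overflow test divides by zero when `elem_size` is 0, and nothing in the lines shown rules that out. Unless a zero element size is already handled above this hunk, guard the division, for example `if (elem_size != 0 && bytes / elem_size != n)`, so that a zero-size request falls through with `bytes == 0` instead of trapping.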

This is of course correct, but some (long) time ago I've measured that
the cost for the division is quite noticeable, for say, the very
common calloc(1, small_size).

I've given up on being able to do this fast _and_ portably.

Do we already have some system-specific mechanism to detect the rare
overflow case for a 32bit-multiplication without having to perform a
division?

Regards,
Wolfram.
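
An added example, not code from this thread or from glibc: the division-based check from the quoted hunk next to two ways of keeping the division off the common path, a portable test that divides only when an operand is at least 2^(bits/2), and the `__builtin_mul_overflow` builtin of GCC 5+ and Clang. The function names and `HALF_SIZE_T` are hypothetical, and the sample inputs are constructed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* If both operands are below 2^(bits/2), the product fits in size_t. */
#define HALF_SIZE_T ((size_t)1 << (sizeof(size_t) * CHAR_BIT / 2))

/* Division on every call, as in the quoted check, plus a zero guard.
   Returns 1 if n * elem_size wraps; *bytes receives the product. */
static int mul_overflows_div(size_t n, size_t elem_size, size_t *bytes)
{
    *bytes = n * elem_size;
    return elem_size != 0 && *bytes / elem_size != n;
}

/* Portable fast path: divide only when an operand is large enough
   that wrapping is possible, so calloc(1, small_size) never divides. */
static int mul_overflows_fast(size_t n, size_t elem_size, size_t *bytes)
{
    *bytes = n * elem_size;
    if ((n | elem_size) >= HALF_SIZE_T && elem_size != 0)
        return *bytes / elem_size != n;
    return 0;
}

/* Compiler-specific: GCC 5+ and Clang provide a checked multiply. */
static int mul_overflows_builtin(size_t n, size_t elem_size, size_t *bytes)
{
#if (defined(__GNUC__) && __GNUC__ >= 5) || defined(__clang__)
    return __builtin_mul_overflow(n, elem_size, bytes);
#else
    return mul_overflows_fast(n, elem_size, bytes);
#endif
}

int main(void)
{
    /* Constructed inputs: common small case, wrap, zero size, boundary. */
    size_t in[][2] = { {1, 16}, {SIZE_MAX / 2 + 1, 2}, {SIZE_MAX, 0},
                       {HALF_SIZE_T, HALF_SIZE_T} };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        size_t b;
        printf("%zu * %zu: div=%d fast=%d builtin=%d\n", in[i][0], in[i][1],
               mul_overflows_div(in[i][0], in[i][1], &b),
               mul_overflows_fast(in[i][0], in[i][1], &b),
               mul_overflows_builtin(in[i][0], in[i][1], &b));
    }
    return 0;
}
```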

