[PATCH] xdr_array and calloc security fix
Wolfram Gloger
wmglo@dent.med.uni-muenchen.de
Fri Aug 2 05:13:00 GMT 2002
> Why not 2^32? size_t is unsigned.
Yes, however malloc can only handle chunks of a little less than 2^31
currently, so the _int_malloc later will fail anyway... But that is
ok, having a power of two as the compared value wins against this
micro-optimisation:
> So you mean something like:
>   bytes = n * elem_size;
>   if (__builtin_expect ((a | b) >= 65536, 0)) {
>     if (bytes / elem_size != n) {
>       MALLOC_FAILURE_ACTION;
>       return 0;
>     }
>   }
Hey, nice, avoids the second comparison and ||. Looks like we have a
winner?
Regards,
Wolfram.
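
The check discussed in this thread, written out as an added example (not part of the original message and not the glibc patch itself). The names `checked_mul`, `demo_calloc` and `HALF_LIMIT` are hypothetical, `return NULL` stands in for `MALLOC_FAILURE_ACTION`, and the example goes beyond the quoted sketch in two ways: the threshold is derived from the width of `size_t` (it equals 65536 when `size_t` is 32 bits), and a zero `elem_size` is guarded before the division.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Half the bit width of size_t: 65536 for a 32-bit size_t, as in the thread.
 * If both operands are below this, their product cannot wrap. */
#define HALF_LIMIT ((size_t)1 << (sizeof(size_t) * 4))

/* Returns 1 and stores n * elem_size in *bytes, or 0 if the product wraps. */
static int checked_mul(size_t n, size_t elem_size, size_t *bytes)
{
    size_t prod = n * elem_size;          /* unsigned: wraps, never UB */

    /* One OR and one compare cover both operands (the fast path). */
    if ((n | elem_size) >= HALF_LIMIT) {
        /* Slow path: at least one operand is large, so pay for the division.
         * elem_size == 0 can reach here when n is large; guard it. */
        if (elem_size != 0 && prod / elem_size != n)
            return 0;
    }
    *bytes = prod;
    return 1;
}

/* calloc-style wrapper: refuses the request instead of under-allocating. */
void *demo_calloc(size_t n, size_t elem_size)
{
    size_t bytes;

    if (!checked_mul(n, elem_size, &bytes))
        return NULL;                      /* stand-in for MALLOC_FAILURE_ACTION */

    void *p = malloc(bytes ? bytes : 1);
    if (p != NULL)
        memset(p, 0, bytes);
    return p;
}

int main(void)
{
    size_t b = 0;
    /* Constructed inputs: one ordinary request, one that wraps. */
    printf("1000 * 1000 ok: %d\n", checked_mul(1000, 1000, &b));
    printf("(SIZE_MAX/2 + 1) * 2 ok: %d\n", checked_mul(SIZE_MAX / 2 + 1, 2, &b));
    return 0;
}
```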