using reallocarray() gives us multiplicative integer overflow checking - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	deraadt <>	2014-10-08 05:33:31 +0000
committer	deraadt <>	2014-10-08 05:33:31 +0000
commit	6b64b344156ef85877e8eefbcda381ac503c3cce (patch)
tree	6067adf4c1caa2e881bcff1449ac9a745ac22f7d /src/lib/libssl/doc/SSL_get_ex_new_index.3
parent	3004cc1921e3769f49d12ba7ab6a6fbe85c03567 (diff)
download	openbsd-6b64b344156ef85877e8eefbcda381ac503c3cce.tar.gz openbsd-6b64b344156ef85877e8eefbcda381ac503c3cce.tar.bz2 openbsd-6b64b344156ef85877e8eefbcda381ac503c3cce.zip

using reallocarray() gives us multiplicative integer overflow checking

in case something wants to create massive amounts of environment, like a bit more than 1/4 of a 32-bit address space. unrealistic -- but why audit one code path, and not treat others the same? then you have to re-engage everytime you see the code. read the news, that isn't what developers do. At least if the code paths look the same, there is hope, because they are easier to verify for correctness. developers need to give other developers a chance to want to care.

Diffstat (limited to 'src/lib/libssl/doc/SSL_get_ex_new_index.3')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: