authorderaadt <>2014-10-08 05:33:31 +0000
committerderaadt <>2014-10-08 05:33:31 +0000
commit6b64b344156ef85877e8eefbcda381ac503c3cce (patch)
tree6067adf4c1caa2e881bcff1449ac9a745ac22f7d /src/lib
parent3004cc1921e3769f49d12ba7ab6a6fbe85c03567 (diff)
using reallocarray() gives us multiplicative integer overflow checking
in case something wants to create massive amounts of environment, like a bit more than 1/4 of a 32-bit address space. unrealistic -- but why audit one code path, and not treat others the same? then you have to re-engage everytime you see the code. read the news, that isn't what developers do. At least if the code paths look the same, there is hope, because they are easier to verify for correctness. developers need to give other developers a chance to want to care.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libc/stdlib/setenv.c6
1 files changed, 3 insertions, 3 deletions
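diff --git a/src/lib/libc/stdlib/setenv.c b/src/lib/libc/stdlib/setenv.c
index 9060fdba88..10b55445f7 100644
--- a/src/lib/libc/stdlib/setenv.c
+++ b/src/lib/libc/stdlib/setenv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: setenv.c,v 1.14 2012/09/23 16:08:04 jeremy Exp $ */
+/* $OpenBSD: setenv.c,v 1.15 2014/10/08 05:33:31 deraadt Exp $ */
 /*
  * Copyright (c) 1987 Regents of the University of California.
  * All rights reserved.
@@ -71,7 +71,7 @@ putenv(char *str)
  for (P = environ; *P != NULL; P++)
  ;
  cnt = P - environ;
- P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
+ P = reallocarray(lastenv, cnt + 2, sizeof(char *));
  if (!P)
  return (-1);
  if (lastenv != environ)
@@ -129,7 +129,7 @@ setenv(const char *name, const char *value, int rewrite)
  for (P = environ; *P != NULL; P++)
  ;
  cnt = P - environ;
- P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
+ P = reallocarray(lastenv, cnt + 2, sizeof(char *));
  if (!P)
  return (-1);
  if (lastenv != environ)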
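Review bot: In both the putenv hunk (line 74) and the setenv hunk (line 132), `reallocarray()` checks only the `nmemb * size` multiplication; the `cnt + 2` addition is evaluated before the call and is not covered by that check. `cnt` is declared outside these hunks, so its type is not visible here; if it is an unsigned size type the wrap does not look reachable from a real `environ` array, but a signed `int` would need its own bound on the addition. A short comment on each call would make the intent auditable, for example `/* +2: new slot and NULL terminator; reallocarray() checks the multiply */`. Both function bodies start and end outside the hunks.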