From 182e93ab6e4ea122687f94400eb4ffa862684035 Mon Sep 17 00:00:00 2001
From: Moriyoshi Koizumi <moriyoshi@php.net>
Date: Tue, 20 Jul 2004 21:55:57 +0000
Subject: - Add safe_pemalloc()

---
 Zend/zend_alloc.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'Zend/zend_alloc.c')

diff --git a/Zend/zend_alloc.c b/Zend/zend_alloc.c
index 4415ae3aa1..b234bc8203 100644
--- a/Zend/zend_alloc.c
+++ b/Zend/zend_alloc.c
@@ -241,6 +241,30 @@ ZEND_API void *_safe_emalloc(size_t nmemb, size_t size, size_t offset ZEND_FILE_
 	return 0;
 }
 
+ZEND_API void *_safe_malloc(size_t nmemb, size_t size, size_t offset)
+{
+
+	if (nmemb < LONG_MAX
+			&& size < LONG_MAX
+			&& offset < LONG_MAX
+			&& nmemb >= 0
+			&& size >= 0
+			&& offset >= 0) {
+		long lval;
+		double dval;
+		int use_dval;
+
+		ZEND_SIGNED_MULTIPLY_LONG(nmemb, size, lval, dval, use_dval);
+
+		if (!use_dval
+				&& lval < (long) (LONG_MAX - offset)) {
+			return pemalloc(lval + offset, 1);
+		}
+	}
+
+	zend_error(E_ERROR, "Possible integer overflow in memory allocation (%zd * %zd + %zd)", nmemb, size, offset);
+	return 0;
+}
 
 
 ZEND_API void _efree(void *ptr ZEND_FILE_LINE_DC ZEND_FILE_LINE_ORIG_DC)
-- 
cgit v1.2.1