diff options
| author | Volker Lendecke <vl@samba.org> | 2016-11-16 15:53:45 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2016-11-20 02:28:11 +0100 |
| commit | 8742d239b2ee0d4dd3219c140081f722644044ae (patch) | |
| tree | d84d4dbacfbbb49c3c233c47625a51242ac7a1b6 /lib | |
| parent | 3a8bf0222ac163ddda07130ca10cbe602404a944 (diff) | |
| download | samba-8742d239b2ee0d4dd3219c140081f722644044ae.tar.gz | |
lib: Apply an overflow check
Very unlikely here, as the realloc will have failed long before, but
still I would like to check overflow.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/util/util_file.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/lib/util/util_file.c b/lib/util/util_file.c index 47779510248..52749ea0509 100644 --- a/lib/util/util_file.c +++ b/lib/util/util_file.c @@ -94,17 +94,25 @@ _PUBLIC_ char *x_fgets_slash(char *s2,int maxlen,XFILE *f) s[len] = 0; } if (!s2 && len > maxlen-3) { + int m; char *t; - maxlen *= 2; + m = maxlen * 2; + if (m < maxlen) { + DBG_ERR("length overflow"); + SAFE_FREE(s); + return NULL; + } + maxlen = m; + t = realloc_p(s, char, maxlen); if (!t) { DBG_ERR("failed to expand buffer!\n"); SAFE_FREE(s); return(NULL); - } else { - s = t; } + + s = t; } } return(s); |