tal/talloc: fix overflow on 64 bit systems

author Rusty Russell <rusty@rustcorp.com.au>

Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)

committer Rusty Russell <rusty@rustcorp.com.au>

Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)
author Rusty Russell <rusty@rustcorp.com.au>
Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)
committer Rusty Russell <rusty@rustcorp.com.au>
Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)
diff --git a/ccan/tal/talloc/talloc.c b/ccan/tal/talloc/talloc.c

index ad21b704d2acc5a0e9b386ce6288500614160d81..fbe9b38474e923610bdcfefb39afee113d5ebcdc 100644 (file)
--- a/ccan/tal/talloc/talloc.c
+++ b/ccan/tal/talloc/talloc.c
@@ -141,6 +141,13 @@ bool tal_talloc_resize_(tal_t **ctxp, size_t size, size_t count)
                 *ctxp = newp;
                 return true;
         }
                 *ctxp = newp;
                 return true;
         }
+
+       /* count is unsigned, not size_t, so check for overflow here! */
+       if ((unsigned)count != count) {
+               call_error("Resize overflos");
+               return false;
+       }
+
         newp = _talloc_realloc_array(NULL, *ctxp, size, count, NULL);
         if (!newp) {
                 call_error("Resize failure");
         newp = _talloc_realloc_array(NULL, *ctxp, size, count, NULL);
         if (!newp) {
                 call_error("Resize failure");
author	Rusty Russell <rusty@rustcorp.com.au>
	Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)
committer	Rusty Russell <rusty@rustcorp.com.au>
	Tue, 10 Jun 2014 05:09:34 +0000 (14:39 +0930)