65878a
From aa37345b6b9c0910d871d05ff028c257b657ffb7 Mon Sep 17 00:00:00 2001
65878a
From: Lennart Poettering <lennart@poettering.net>
65878a
Date: Tue, 10 Dec 2013 18:53:03 +0000
65878a
Subject: [PATCH] util: check for overflow in greedy_realloc()
65878a
65878a
Conflicts:
65878a
	src/shared/util.c
65878a
---
65878a
 src/shared/util.c | 8 ++++++++
65878a
 1 file changed, 8 insertions(+)
65878a
65878a
diff --git a/src/shared/util.c b/src/shared/util.c
65878a
index 8a542da..e9b8255 100644
65878a
--- a/src/shared/util.c
65878a
+++ b/src/shared/util.c
65878a
@@ -5838,10 +5838,18 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) {
65878a
         size_t a;
65878a
         void *q;
65878a
 
65878a
+        assert(p);
65878a
+        assert(allocated);
65878a
+
65878a
         if (*allocated >= need)
65878a
                 return *p;
65878a
 
65878a
         a = MAX(64u, need * 2);
65878a
+
65878a
+        /* check for overflows */
65878a
+        if (a < need)
65878a
+                return NULL;
65878a
+
65878a
         q = realloc(*p, a);
65878a
         if (!q)
65878a
                 return NULL;