diff options
| author | Russ Allbery <eagle@eyrie.org> | 2014-06-15 17:23:11 -0700 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2014-06-15 17:29:31 -0700 |
| commit | b6b2009aa32869a2a988ba458b45b044264cfd78 (patch) | |
| tree | 29c7563192eff189977c9e3d825a13d89850a86b /php | |
| parent | eda08b4d3519065c5bb241331feccde30d63383c (diff) | |
Use calloc and reallocarray and add malloc overflow checks
Use calloc in preference to calculating a malloc size with
multiplication everywhere, and reallocarray in preference to
calculating a realloc size. In most places this caution was probably
not necessary, but uniformity is easier to audit and no one will ever
notice the speed difference between malloc and calloc. Add explicit
overflow checks before every remaining malloc call with a calculated
size.
Change-Id: Ifc8e577b32d45751b9d64955aa1cace8a5dedde0
Reviewed-on: https://gerrit.stanford.edu/1491
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Diffstat (limited to 'php')
| -rw-r--r-- | php/php_remctl.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/php/php_remctl.c b/php/php_remctl.c index 6ba2cb9..7e21f48 100644 --- a/php/php_remctl.c +++ b/php/php_remctl.c @@ -6,7 +6,7 @@ * * Originally written by Andrew Mortensen <admorten@umich.edu>, 2008 * Copyright 2008 Andrew Mortensen <admorten@umich.edu> - * Copyright 2008, 2011, 2012 + * Copyright 2008, 2011, 2012, 2014 * The Board of Trustees of the Leland Stanford Junior University * * See LICENSE for licensing terms. @@ -133,9 +133,9 @@ ZEND_FUNCTION(remctl) * is less than ideal because we make another copy of all of the * arguments. There should be some way to do this without making a copy. */ - command = emalloc((count + 1) * sizeof(char *)); + command = ecalloc(count + 1, sizeof(char *)); if (command == NULL) { - zend_error(E_WARNING, "remctl: emalloc failed\n"); + zend_error(E_WARNING, "remctl: ecalloc failed\n"); RETURN_NULL(); } i = 0; @@ -358,9 +358,9 @@ ZEND_FUNCTION(remctl_command) * than ideal because it makes another copy of all of the data. There * should be some way to do this without copying. */ - cmd_vec = emalloc(count * sizeof(struct iovec)); + cmd_vec = ecalloc(count, sizeof(struct iovec)); if (cmd_vec == NULL) { - zend_error(E_WARNING, "remctl_command: emalloc failed\n"); + zend_error(E_WARNING, "remctl_command: ecalloc failed\n"); RETURN_FALSE; } i = 0; |