blob: ad1bb80ac0de37b78884df05ffaabcc5e4407979 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
--- a/vendor/hiredis/alloc.c
+++ b/vendor/hiredis/alloc.c
@@ -68,6 +68,10 @@ void *hi_malloc(size_t size) {
}
void *hi_calloc(size_t nmemb, size_t size) {
+ /* Overflow check as the user can specify any arbitrary allocator */
+ if (SIZE_MAX / size < nmemb)
+ return NULL;
+
return hiredisAllocFns.callocFn(nmemb, size);
}
diff --git a/alloc.h b/alloc.h
index 34a05f4..771f9fe 100644
--- a/vendor/hiredis/alloc.h
+++ b/vendor/hiredis/alloc.h
@@ -32,6 +32,7 @@
#define HIREDIS_ALLOC_H
#include <stddef.h> /* for size_t */
+#include <stdint.h>
#ifdef __cplusplus
extern "C" {
@@ -59,6 +60,10 @@ static inline void *hi_malloc(size_t size) {
}
static inline void *hi_calloc(size_t nmemb, size_t size) {
+ /* Overflow check as the user can specify any arbitrary allocator */
+ if (SIZE_MAX / size < nmemb)
+ return NULL;
+
return hiredisAllocFns.callocFn(nmemb, size);
}
|
