commit 85bebea299be4a944cc0c12dce4c128735af5c24
parent aefbbb77a3545f61db7b84fb357a51840bc6af73
Author: sin <sin@2f30.org>
Date: Mon, 5 Aug 2013 13:11:15 +0100
Check against SIZE_MAX for insane allocations
Diffstat:
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lemoncake.c b/lemoncake.c
@@ -147,6 +147,8 @@ malloc(size_t siz)
return NULL;
if (!siz)
return NULL;
+ if (siz > SIZE_MAX / 2)
+ return NULL;
lock(&rblock);
/* Lookup in the free tree for a block greater
* than or equal to `siz' bytes */
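Review bot: The new size guard returns NULL without setting errno, so a caller that checks errno after a failed malloc() sees a stale value; the same applies to the guard added to realloc() in the next hunk. POSIX expects ENOMEM on allocation failure, so `errno = ENOMEM;` before `return NULL;` would make the rejection observable (the file already returns ENOMEM from posix_memalign, so errno.h is presumably included). The `SIZE_MAX / 2` bound is unexplained; a one-line comment such as `/* leave headroom for the block header and rounding */` would record the reason if that is it. malloc's body starts and ends outside the hunk.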
@@ -208,6 +210,8 @@ realloc(void *oldp, size_t siz)
free(oldp);
return NULL;
}
+ if (siz > SIZE_MAX / 2)
+ return NULL;
lock(&rblock);
n.buf = oldp;
res = RB_FIND(alloc_tree, &at, &n);
@@ -346,8 +350,8 @@ memalign(size_t align, size_t siz)
return NULL;
if (align < sizeof(void *))
return NULL;
- if (!siz)
- return 0;
+ if (align > SIZE_MAX - align)
+ return NULL;
/* Just allocate a new block, we don't care to look
* for a block in the free tree as it might not be properly
* aligned. The previous implementation could cope with
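Review bot: The added check `if (align > SIZE_MAX - align)` compares align with itself and never looks at siz, so an oversized siz still reaches the allocation below; the parallel guard in posix_memalign uses `siz > SIZE_MAX - align`, which appears to be what was intended here: `if (siz > SIZE_MAX - align) return NULL;`. This hunk also drops the `if (!siz) return 0;` short-circuit, which the commit message does not mention; whether a zero-size request is now served or rejected depends on the allocation path below, which continues outside the hunk. memalign's body starts and ends outside the hunk.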
@@ -399,8 +403,8 @@ posix_memalign(void **memptr, size_t align, size_t siz)
return EINVAL;
if (align < sizeof(void *))
return EINVAL;
- if (!siz)
- return 0;
+ if (siz > SIZE_MAX - align)
+ return ENOMEM;
*memptr = memalign(align, siz);
if (!*memptr)
return ENOMEM;
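Review bot: Removing the `if (!siz) return 0;` branch fixes a real defect, since it reported success without assigning `*memptr`, but zero-size handling now depends on memalign(); if memalign(align, 0) yields NULL (malloc() in the first hunk rejects zero-size requests), this function would report ENOMEM for a request POSIX treats as valid. A cheap way to keep the old contract well-defined is `if (!siz) { *memptr = NULL; return 0; }` ahead of the overflow check. The new `siz > SIZE_MAX - align` guard is correct and is the form the memalign hunk should also use. posix_memalign's body continues outside the hunk.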