Date: Tue, 06 May 2014 03:15:32 +0400 From: Andrey Chernov <ache@freebsd.org> To: Warner Losh <imp@bsdimp.com>, David Chisnall <theraven@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Pedro Giffuni <pfg@FreeBSD.org>, src-committers <src-committers@freebsd.org> Subject: Re: svn commit: r265367 - head/lib/libc/regex Message-ID: <53681B94.103@freebsd.org> In-Reply-To: <AFF177D5-AA37-4079-A272-F62FDB608495@bsdimp.com> References: <201405051641.s45GfFje086423@svn.freebsd.org> <5367CD77.40909@freebsd.org> <B11B5B25-8E05-4225-93D5-3A607332F19A@FreeBSD.org> <5367EB54.1080109@FreeBSD.org> <3C7CFFB7-5C84-4AC1-9A81-C718D184E87B@FreeBSD.org> <7D7A417E-17C3-4001-8E79-0B57636A70E1@gmail.com> <A4B5E0E8-93CB-4E80-9065-5D25A007B726@FreeBSD.org> <AFF177D5-AA37-4079-A272-F62FDB608495@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 06.05.2014 2:59, Warner Losh wrote: > Stupid is as stupid does. malloc and realloc both have this same issue. While an interesting theoretical attack, the size doesn’t necessarily come from multiplication. Careful coding is still required, not matter what spin you put on this. reallocf() solves the memory leak issue, but not the problem with overflow (which the realloc() interface has too). The caller can check to make sure they aren’t requesting too much memory and overflowing. The interface isn’t designed to solve the problem you are complaining about. > > There’s only so much you can do to prevent programming errors. calloc() isn’t going to solve the world’s problems for you, and introduces a non-trivial amount of overhead for the trivial amount of overhead that is “saved” by moving the overflow check from the caller to the callee... I agree completely. -- http://ache.vniz.net/ [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlNoG54ACgkQVg5YK5ZEdN1NLQCgusr3bvds8O+SZFi9e3fwUEeB li0An2KrVfKXGSc4J/lIJWuraM4R0daW =RGRk -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53681B94.103>