Date: Mon, 3 Nov 2025 06:16:50 GMT From: Xin LI <delphij@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 40d216183821 - main - cron: Use reallocarray() to prevent integer overflow Message-ID: <202511030616.5A36GoPB051578@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by delphij: URL: https://cgit.FreeBSD.org/src/commit/?id=40d21618382108fefa84f8576b14302f65452718 commit 40d21618382108fefa84f8576b14302f65452718 Author: Xin LI <delphij@FreeBSD.org> AuthorDate: 2025-11-03 05:59:46 +0000 Commit: Xin LI <delphij@FreeBSD.org> CommitDate: 2025-11-03 05:59:46 +0000 cron: Use reallocarray() to prevent integer overflow Apply OpenBSD env.c,v 1.24 and 1.25, which replaces manual size calculations with reallocarray() to prevent possible integer overflow. MFC after: 3 days --- usr.sbin/cron/lib/env.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/usr.sbin/cron/lib/env.c b/usr.sbin/cron/lib/env.c index 287dd8636293..5a2d7ad60756 100644 --- a/usr.sbin/cron/lib/env.c +++ b/usr.sbin/cron/lib/env.c @@ -55,7 +55,7 @@ env_copy(char **envp) for (count = 0; envp[count] != NULL; count++) ; - p = (char **) malloc((count+1) * sizeof(char *)); /* 1 for the NULL */ + p = (char **) reallocarray(NULL, count+1, sizeof(char *)); /* 1 for the NULL */ if (p == NULL) { errno = ENOMEM; return NULL; @@ -112,8 +112,7 @@ env_set(char **envp, char *envstr) * one, save our string over the old null pointer, and return resized * array. */ - p = (char **) realloc((void *) envp, - (unsigned) ((count+1) * sizeof(char *))); + p = (char **) reallocarray(envp, count+1, sizeof(char *)); if (p == NULL) { /* XXX env_free(envp); */ errno = ENOMEM;help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202511030616.5A36GoPB051578>