summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libc/stdlib/malloc-simple/alloc.c20
1 files changed, 20 insertions, 0 deletions
diff --git a/libc/stdlib/malloc-simple/alloc.c b/libc/stdlib/malloc-simple/alloc.c
index 3baf75fdd..757a05ecf 100644
--- a/libc/stdlib/malloc-simple/alloc.c
+++ b/libc/stdlib/malloc-simple/alloc.c
@@ -13,6 +13,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include <errno.h>
#include <sys/mman.h>
#include <malloc.h>
@@ -28,6 +29,15 @@ void *malloc(size_t size)
size++;
}
+ /* prevent Undefined Behaviour for pointer arithmetic (substract) of too big pointers
+ * see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63303
+ * No need to check for size + sizeof(size_t) integer overflow since we already check for PTRDIFF_MAX
+ */
+ if (unlikely(size > PTRDIFF_MAX)) {
+ __set_errno(ENOMEM);
+ return 0;
+ }
+
#ifdef __ARCH_USE_MMU__
# define MMAP_FLAGS MAP_PRIVATE | MAP_ANONYMOUS
#else
@@ -148,6 +158,16 @@ void * memalign (size_t alignment, size_t size)
void * result;
unsigned long int adj;
+ if (unlikely(size > PTRDIFF_MAX)) {
+ __set_errno(ENOMEM);
+ return NULL;
+ }
+
+ if (unlikely((size + alignment - 1 < size) && (alignment != 0))) {
+ __set_errno(ENOMEM);
+ return NULL;
+ }
+
result = malloc (size + alignment - 1);
if (result == NULL)
return NULL;