printstr: check for potential integer overflow

* util.c (printstr): Check for potential integer overflow during outstr buffer size calculation.
author: Dmitry V. Levin <ldv@altlinux.org> 2012-03-25 22:56:53 +0000
committer: Dmitry V. Levin <ldv@altlinux.org> 2012-03-25 22:56:53 +0000
commit: 378f9c5ad0043632475cd17cbe5fe4cf38971b2b (patch)
tree: d21856df5592c59d34f889d37b3a804a96b46817 /util.c
parent: ccee169ab6aa4ae7515198dadcef5dd2286ede4b (diff)
download: strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.gz
strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.bz2
strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.xz
1 files changed, 5 insertions, 1 deletions
diff --git a/util.c b/util.c
index ea3488d..348d77f 100644
--- a/util.c
+++ b/util.c
@@ -564,10 +564,14 @@ printstr(struct tcb *tcp, long addr, int len)
 	}
 	/* Allocate static buffers if they are not allocated yet. */
 	if (!str) {
+		unsigned int outstr_size = 4 * max_strlen + /*for quotes and NUL:*/ 3;
+
+		if (outstr_size / 4 != max_strlen)
+			die_out_of_memory();
 		str = malloc(max_strlen + 1);
 		if (!str)
 			die_out_of_memory();
-		outstr = malloc(4 * max_strlen + /*for quotes and NUL:*/ 3);
+		outstr = malloc(outstr_size);
 		if (!outstr)
 			die_out_of_memory();
 	}
author	Dmitry V. Levin <ldv@altlinux.org>	2012-03-25 22:56:53 +0000
committer	Dmitry V. Levin <ldv@altlinux.org>	2012-03-25 22:56:53 +0000
commit	378f9c5ad0043632475cd17cbe5fe4cf38971b2b (patch)
tree	d21856df5592c59d34f889d37b3a804a96b46817 /util.c
parent	ccee169ab6aa4ae7515198dadcef5dd2286ede4b (diff)
download	strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.gz strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.bz2 strace-378f9c5ad0043632475cd17cbe5fe4cf38971b2b.tar.xz