0006189: GNUNET_new_array does not check for int overflow

ID	Project	Category	View Status	Date Submitted	Last Update

0006189	GNUnet	util library	public	2020-04-21 12:17	2020-07-09 09:17

Reporter	fefe	Assigned To	Christian Grothoff
Priority	normal	Severity	major	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	0.12.1
Target Version	0.13.0	Fixed in Version	0.13.0

Summary	0006189: GNUNET_new_array does not check for int overflow
Description	In gnunet/src/include/gnunet_common.h: 1143 #define GNUNET_new_array(n, type) (type ) GNUNET_malloc ((n) sizeof(type)) The multiplication can overflow, in which case the function should fail instead of silently returning too little memory. This is an important bug class. libc has calloc() that does check for this integer overflow and returns NULL. OpenBSD also added a function named reallocarray to check for this bug type. The standard recommendation is to use calloc, but calloc will return NULL on failure while your APIs want to abort the whole program, so a slightly larger change will be necessary.
Tags	No tags attached.

Date Modified	Username	Field	Change
2020-04-21 12:17	fefe	New Issue
2020-04-21 13:38	Christian Grothoff	Note Added: 0015720
2020-04-21 13:38	Christian Grothoff	Assigned To	=> Christian Grothoff
2020-04-21 13:38	Christian Grothoff	Status	new => resolved
2020-04-21 13:38	Christian Grothoff	Resolution	open => fixed
2020-04-21 13:38	Christian Grothoff	Fixed in Version	=> 0.12.2
2020-04-21 13:38	Christian Grothoff	Target Version	=> 0.12.2
2020-04-23 10:45	schanzen	Fixed in Version	0.12.2 => 0.13.0
2020-04-23 10:47	schanzen	Target Version	0.12.2 => 0.13.0
2020-06-01 00:49	~~Adminknox~~	Issue cloned: 0006312
2020-06-01 00:52	~~Adminknox~~	Issue cloned: 0006344
2020-07-09 09:17	schanzen	Note Added: 0016424
2020-07-09 09:17	schanzen	Status	resolved => closed