View Issue Details

IDProjectCategoryView StatusLast Update
0006189GNUnetutil librarypublic2020-07-09 09:17
Reporterfefe Assigned ToChristian Grothoff  
PrioritynormalSeveritymajorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version0.12.1 
Target Version0.13.0Fixed in Version0.13.0 
Summary0006189: GNUNET_new_array does not check for int overflow
DescriptionIn gnunet/src/include/gnunet_common.h:

1143 #define GNUNET_new_array(n, type) (type *) GNUNET_malloc ((n) * sizeof(type))

The multiplication can overflow, in which case the function should fail instead of silently returning too little memory.

This is an important bug class. libc has calloc() that does check for this integer overflow and returns NULL.
OpenBSD also added a function named reallocarray to check for this bug type.

The standard recommendation is to use calloc, but calloc will return NULL on failure while your APIs want to abort the whole program, so a slightly larger change will be necessary.
TagsNo tags attached.

Activities

Christian Grothoff

2020-04-21 13:38

manager   ~0015720

Fixed in e938b8617..3776e3a77

schanzen

2020-07-09 09:17

manager   ~0016424

0.13.0 released

Issue History

Date Modified Username Field Change
2020-04-21 12:17 fefe New Issue
2020-04-21 13:38 Christian Grothoff Note Added: 0015720
2020-04-21 13:38 Christian Grothoff Assigned To => Christian Grothoff
2020-04-21 13:38 Christian Grothoff Status new => resolved
2020-04-21 13:38 Christian Grothoff Resolution open => fixed
2020-04-21 13:38 Christian Grothoff Fixed in Version => 0.12.2
2020-04-21 13:38 Christian Grothoff Target Version => 0.12.2
2020-04-23 10:45 schanzen Fixed in Version 0.12.2 => 0.13.0
2020-04-23 10:47 schanzen Target Version 0.12.2 => 0.13.0
2020-06-01 00:49 Adminknox Issue cloned: 0006312
2020-06-01 00:52 Adminknox Issue cloned: 0006344
2020-07-09 09:17 schanzen Note Added: 0016424
2020-07-09 09:17 schanzen Status resolved => closed