diff options
| author | Xin LI <delphij@FreeBSD.org> | 2025-11-03 05:59:46 +0000 |
|---|---|---|
| committer | Xin LI <delphij@FreeBSD.org> | 2025-11-03 05:59:46 +0000 |
| commit | 40d21618382108fefa84f8576b14302f65452718 (patch) | |
| tree | 9cd6873e6b1363e7ed5687a288f9906aae5a5928 | |
| parent | 088ced14a69ba2dce083c031b60c0d04ba218488 (diff) | |
cron: Use reallocarray() to prevent integer overflow
Apply OpenBSD env.c,v 1.24 and 1.25, which replaces manual size
calculations with reallocarray() to prevent possible integer
overflow.
MFC after: 3 days
| -rw-r--r-- | usr.sbin/cron/lib/env.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/usr.sbin/cron/lib/env.c b/usr.sbin/cron/lib/env.c index 287dd8636293..5a2d7ad60756 100644 --- a/usr.sbin/cron/lib/env.c +++ b/usr.sbin/cron/lib/env.c @@ -55,7 +55,7 @@ env_copy(char **envp) for (count = 0; envp[count] != NULL; count++) ; - p = (char **) malloc((count+1) * sizeof(char *)); /* 1 for the NULL */ + p = (char **) reallocarray(NULL, count+1, sizeof(char *)); /* 1 for the NULL */ if (p == NULL) { errno = ENOMEM; return NULL; @@ -112,8 +112,7 @@ env_set(char **envp, char *envstr) * one, save our string over the old null pointer, and return resized * array. */ - p = (char **) realloc((void *) envp, - (unsigned) ((count+1) * sizeof(char *))); + p = (char **) reallocarray(envp, count+1, sizeof(char *)); if (p == NULL) { /* XXX env_free(envp); */ errno = ENOMEM; |