cvs: ZendEngine2(PHP_5_2) / zend_alloc.c

iliaa           Sat Sep 30 17:12:06 2006 UTC

  Modified files:              (Branch: PHP_5_2)
    /ZendEngine2        zend_alloc.c 
  Log:
  Added safety checks against integer overflow.
  
  
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.144.2.3.2.10&r2=1.144.2.3.2.11&diff_format=u
Index: ZendEngine2/zend_alloc.c
diff -u ZendEngine2/zend_alloc.c:1.144.2.3.2.10 
ZendEngine2/zend_alloc.c:1.144.2.3.2.11
--- ZendEngine2/zend_alloc.c:1.144.2.3.2.10     Thu Sep 14 08:00:44 2006
+++ ZendEngine2/zend_alloc.c    Sat Sep 30 17:12:06 2006
@@ -18,7 +18,7 @@
    +----------------------------------------------------------------------+
 */
 
-/* $Id: zend_alloc.c,v 1.144.2.3.2.10 2006/09/14 08:00:44 dmitry Exp $ */
+/* $Id: zend_alloc.c,v 1.144.2.3.2.11 2006/09/30 17:12:06 iliaa Exp $ */
 
 #include "zend.h"
 #include "zend_alloc.h"
@@ -1730,13 +1730,12 @@
 ZEND_API void *_ecalloc(size_t nmemb, size_t size ZEND_FILE_LINE_DC 
ZEND_FILE_LINE_ORIG_DC)
 {
        void *p;
-       int final_size = size*nmemb;
 
-       p = _emalloc(final_size ZEND_FILE_LINE_RELAY_CC 
ZEND_FILE_LINE_ORIG_RELAY_CC);
+       p = _safe_emalloc(nmemb, size, 0 ZEND_FILE_LINE_RELAY_CC 
ZEND_FILE_LINE_ORIG_RELAY_CC);
        if (!p) {
                return (void *) p;
        }
-       memset(p, 0, final_size);
+       memset(p, 0, size * nmemb);
        return p;
 }
 

-- 
Zend Engine CVS Mailing List (http://cvs.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php