From f0c730c5407ec42ff2f416a71f6519cd0e2c0afe Mon Sep 17 00:00:00 2001

From: Lennart Poettering <lennart@poettering.net>

Date: Tue, 10 Dec 2013 18:53:03 +0000

Subject: [PATCH] util: check for overflow in greedy_realloc()

(cherry picked from commit 98088803bb2a9f89b7bbc063123dda3343138f18)

Conflicts:

	src/shared/util.c

---

 src/shared/util.c | 8 ++++++++

 1 file changed, 8 insertions(+)

diff --git a/src/shared/util.c b/src/shared/util.c

index 1510c5e552..02bae9043c 100644

--- a/src/shared/util.c

+++ b/src/shared/util.c

@@ -5832,10 +5832,18 @@ void* greedy_realloc(void **p, size_t *allocated, size_t need) {

         size_t a;

         void *q;

+        assert(p);

+        assert(allocated);

+

         if (*allocated >= need)

                 return *p;

         a = MAX(64u, need * 2);

+

+        /* check for overflows */

+        if (a < need)

+                return NULL;

+

         q = realloc(*p, a);

         if (!q)

                 return NULL;