mm/mm_heap/mm_calloc.c: Verify that the number of elements times the size of an element will not overflow type size_t. This is required by the SEI CERT C coding style and resolves anonymous Bitbucket Issue #139

2019-01-07 16:13:48 -06:00 · 2019-01-07 16:13:48 -06:00 · 70efabd0ad
commit 70efabd0ad
parent 0f1bfd8330
2 changed files with 15 additions and 1 deletions
--- a/3
+++ b/3
@ -2181,6 +2181,9 @@ o File system / Generic drivers (fs/, drivers/)
               space at the seek position.  Seeking beyond the end of the file
               has the side effect of extending the file.

+               [NOTE: This automatic extension of the file cluster allocation
+                is probably unnecessary and another issue of its own.]
+
               For example, suppose you have a cluster size that is 4096 bytes
               and a file that is 8192 bytes long.  Then the file will consist
               of 2 allocated clusters at offsets 0 through 8191.
--- a/mm/mm_heap/mm_calloc.c
+++ b/mm/mm_heap/mm_calloc.c
@ -57,9 +57,20 @@ FAR void *mm_calloc(FAR struct mm_heap_s *heap, size_t n, size_t elem_size)
 {
  FAR void *ret = NULL;

+  /* Verify input parameters */
+
  if (n > 0 && elem_size > 0)
    {
-      ret = mm_zalloc(heap, n * elem_size);
+      /* Assure that the following multiplication cannot overflow the size_t
+       * type, i.e., that:  SIZE_MAX >= n * elem_size
+       *
+       * Refer to SEI CERT C Coding Standard.
+       */
+
+      if (n <= (SIZE_MAX / elem_size))
+        {
+          ret = mm_zalloc(heap, n * elem_size);
+        }
    }

  return ret;