From 70efabd0adbdaf582307593d03d2e1d5de3b4e2e Mon Sep 17 00:00:00 2001 From: Gregory Nutt Date: Mon, 7 Jan 2019 16:13:48 -0600 Subject: [PATCH] mm/mm_heap/mm_calloc.c: Verify that the number of elements times the size of an element will not overflow type size_t. This is required by the SEI CERT C coding style and resolves anonymous Bitbucket Issue #139 --- TODO | 3 +++ mm/mm_heap/mm_calloc.c | 13 ++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/TODO b/TODO index fbc6a089ba..3a0e8b341b 100644 --- a/TODO +++ b/TODO @@ -2181,6 +2181,9 @@ o File system / Generic drivers (fs/, drivers/) space at the seek position. Seeking beyond the end of the file has the side effect of extending the file. + [NOTE: This automatic extension of the file cluster allocation + is probably unnecessary and another issue of its own.] + For example, suppose you have a cluster size that is 4096 bytes and a file that is 8192 bytes long. Then the file will consist of 2 allocated clusters at offsets 0 through 8191. diff --git a/mm/mm_heap/mm_calloc.c b/mm/mm_heap/mm_calloc.c index 43d06e2e31..56cba4bbf4 100644 --- a/mm/mm_heap/mm_calloc.c +++ b/mm/mm_heap/mm_calloc.c @@ -57,9 +57,20 @@ FAR void *mm_calloc(FAR struct mm_heap_s *heap, size_t n, size_t elem_size) { FAR void *ret = NULL; + /* Verify input parameters */ + if (n > 0 && elem_size > 0) { - ret = mm_zalloc(heap, n * elem_size); + /* Assure that the following multiplication cannot overflow the size_t + * type, i.e., that: SIZE_MAX >= n * elem_size + * + * Refer to SEI CERT C Coding Standard. + */ + + if (n <= (SIZE_MAX / elem_size)) + { + ret = mm_zalloc(heap, n * elem_size); + } } return ret;
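Review bot: The new guard `if (n <= (SIZE_MAX / elem_size))` only proves that the product fits in `size_t`; a request just below `SIZE_MAX` still reaches `mm_zalloc(heap, n * elem_size)`, and whether the allocator's own size arithmetic (header overhead, alignment rounding) is wrap-safe for such a value cannot be seen from this hunk and should be confirmed. The rejected case also falls through to `return ret;` with `ret` still NULL, exactly like the `n == 0` or `elem_size == 0` path, so a caller cannot tell a refused overflowing request from an empty one; I would state that in the new comment, e.g. `* On overflow NULL is returned, as for an allocation failure.` The diffstat shows no include being added to mm_calloc.c, so `SIZE_MAX` presumably comes from a header the file already pulls in, which is worth checking on every supported toolchain. The signature and the closing brace of mm_calloc lie outside the hunk.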