Add overflow checks so we I_Error instead of death crash into oblivion
You'd love to know how we even reached (size_t)-1.
This commit is contained in:
parent
c221a89c67
commit
33816e49ca
|
@ -247,7 +247,11 @@ void Z_Free(void *ptr)
|
|||
static void *xm(size_t size)
|
||||
{
|
||||
const size_t padedsize = size+sizeof (size_t);
|
||||
void *p = malloc(padedsize);
|
||||
void *p;
|
||||
|
||||
if (padedsize < size)/* overflow check */
|
||||
I_Error("You are allocating memory too large!");
|
||||
p = malloc(padedsize);
|
||||
|
||||
if (p == NULL)
|
||||
{
|
||||
|
@ -295,6 +299,9 @@ void *Z_MallocAlign(size_t size, INT32 tag, void *user, INT32 alignbits)
|
|||
CONS_Debug(DBG_MEMORY, "Z_Malloc %s:%d\n", file, line);
|
||||
#endif
|
||||
|
||||
if (blocksize < size)/* overflow check */
|
||||
I_Error("You are allocating memory too large!");
|
||||
|
||||
block = xm(sizeof *block);
|
||||
#ifdef HAVE_VALGRIND
|
||||
padsize += (1<<sizeof(size_t))*2;
|
||||
|
|
Loading…
Reference in New Issue