libdislocator: reallocarray API introduction

author: David Carlier <devnexen@gmail.com> 2020-01-18 14:28:31 +0000
committer: David Carlier <devnexen@gmail.com> 2020-01-18 14:47:22 +0000
commit: 858b5da24e3b060e2ebf6ab48ded22fbdd7d3ceb (patch)
tree: eea2655052c198a0d8c0438f0963240294b48943 /libdislocator/libdislocator.so.c
parent: 1ac31361ca61f71b6a419064de5063aef80203e5 (diff)
download: afl++-858b5da24e3b060e2ebf6ab48ded22fbdd7d3ceb.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/libdislocator/libdislocator.so.c b/libdislocator/libdislocator.so.c
index 20649470..b9ba8967 100644
--- a/libdislocator/libdislocator.so.c
+++ b/libdislocator/libdislocator.so.c
@@ -397,6 +397,28 @@ void* aligned_alloc(size_t align, size_t len) {
 
 }
 
+/* specific BSD api mainly checking possible overflow for the size */
+
+void* reallocarray(void* ptr, size_t elem_len, size_t elem_cnt) {
+
+  const size_t elem_lim = 1UL << (sizeof(size_t) * 4);
+  const size_t elem_tot = elem_len * elem_cnt;
+  void*        ret = NULL;
+
+  if ((elem_len >= elem_lim || elem_cnt >= elem_lim) && elem_len > 0 &&
+      elem_cnt > (SIZE_MAX / elem_len)) {
+
+    DEBUGF("reallocarray size overflow (%zu)", elem_tot);
+
+  } else {
+
+    ret = realloc(ptr, elem_tot);
+
+  }
+
+  return ret;
+}
+
 __attribute__((constructor)) void __dislocator_init(void) {
 
   u8* tmp = (u8*)getenv("AFL_LD_LIMIT_MB");
author	David Carlier <devnexen@gmail.com>	2020-01-18 14:28:31 +0000
committer	David Carlier <devnexen@gmail.com>	2020-01-18 14:47:22 +0000
commit	858b5da24e3b060e2ebf6ab48ded22fbdd7d3ceb (patch)
tree	eea2655052c198a0d8c0438f0963240294b48943 /libdislocator/libdislocator.so.c
parent	1ac31361ca61f71b6a419064de5063aef80203e5 (diff)
download	afl++-858b5da24e3b060e2ebf6ab48ded22fbdd7d3ceb.tar.gz