about summary refs log tree commit diff
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2003-09-25 05:34:28 +0000
committerUlrich Drepper <drepper@redhat.com>2003-09-25 05:34:28 +0000
commitc706f2a34d1216c9b22aad4265317f92f3189cec (patch)
tree534f89b57d78f7c455ae682e0d705ec9502f3f41
parentfca9d8e489ecdaaef96861e879658425e2db1297 (diff)
downloadglibc-c706f2a34d1216c9b22aad4265317f92f3189cec.tar.gz
glibc-c706f2a34d1216c9b22aad4265317f92f3189cec.tar.xz
glibc-c706f2a34d1216c9b22aad4265317f92f3189cec.zip
(__argp_fmtstream_ensure): Check for size_t overflow when reallocating storage.
-rw-r--r--argp/argp-fmtstream.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/argp/argp-fmtstream.c b/argp/argp-fmtstream.c
index d06ea8453b..215160bdcd 100644
--- a/argp/argp-fmtstream.c
+++ b/argp/argp-fmtstream.c
@@ -385,10 +385,11 @@ __argp_fmtstream_ensure (struct argp_fmtstream *fs, size_t amount)
       if ((size_t) (fs->end - fs->buf) < amount)
 	/* Gotta grow the buffer.  */
 	{
-	  size_t new_size = fs->end - fs->buf + amount;
-	  char *new_buf = realloc (fs->buf, new_size);
+	  size_t old_size = fs->end - fs->buf;
+	  size_t new_size = old_size + amount;
+	  char *new_buf;
 
-	  if (! new_buf)
+	  if (new_size < old_size || ! (new_buf = realloc (fs->buf, new_size)))
 	    {
 	      __set_errno (ENOMEM);
 	      return 0;