diff options
author | Richard Levitte <levitte@openssl.org> | 2017-10-26 20:49:47 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2017-10-26 22:34:32 +0200 |
commit | 217534323ec4917c754fb454bf77b6d2ff551e23 (patch) | |
tree | a0a544e7f8e3d65ad74438c1ade7c434d1d6a665 | |
parent | 44cbf6a9fe7db112ae2ed189412ab9e5205028b1 (diff) |
Use malloc/memset not calloc for WinCE portability
Fixes: #2539
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4594)
-rw-r--r-- | crypto/LPdir_win.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/crypto/LPdir_win.c b/crypto/LPdir_win.c index 07e63fb424..4961254d9a 100644 --- a/crypto/LPdir_win.c +++ b/crypto/LPdir_win.c @@ -94,8 +94,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) TCHAR *wdir = NULL; /* len_0 denotes string length *with* trailing 0 */ size_t index = 0, len_0 = strlen(extdir) + 1; - - wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR)); + size_t amount; + + /* + * Size check + * The reasoning is that absolutely worst case, each byte in + * extdir will take up one TCHAR each, so the maximum size in + * bytes that we can tolerate is MAX_PATH TCHARs... not counting + * the ending NUL. + */ + if ((len_0 - 1) > MAX_PATH * sizeof(TCHAR)) { + free(*ctx); + *ctx = NULL; + errno = EINVAL; + return 0; + } + amount = len_0 * sizeof(TCHAR); + wdir = (TCHAR *)malloc(amount); if (wdir == NULL) { if (extdirbuf != NULL) { free(extdirbuf); |