summaryrefslogtreecommitdiff
path: root/src/mq/mq_getattr.c
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2016-10-06 18:34:58 -0400
committerRich Felker <dalias@aerifal.cx>2016-10-06 18:47:53 -0400
commitc3edc06d1e1360f3570db9155d6b318ae0d0f0f7 (patch)
treee1064c892c9e2d2cbbcbce7ea22bc0967701ae46 /src/mq/mq_getattr.c
parent583ea83541dcc6481c7a1bd1a9b485526bad84a1 (diff)
downloadmusl-c3edc06d1e1360f3570db9155d6b318ae0d0f0f7.tar.gz
musl-c3edc06d1e1360f3570db9155d6b318ae0d0f0f7.tar.bz2
musl-c3edc06d1e1360f3570db9155d6b318ae0d0f0f7.tar.xz
musl-c3edc06d1e1360f3570db9155d6b318ae0d0f0f7.zip
fix missing integer overflow checks in regexec buffer size computations
most of the possible overflows were already ruled out in practice by regcomp having already succeeded performing larger allocations. however at least the num_states*num_tags multiplication can clearly overflow in practice. for safety, check them all, and use the proper type, size_t, rather than int. also improve comments, use calloc in place of malloc+memset, and remove bogus casts.
Diffstat (limited to 'src/mq/mq_getattr.c')
0 files changed, 0 insertions, 0 deletions