[PATCH libinput] util: abort if we try to allocate more than a MB

Matheus Santana embs at cin.ufpe.br
Wed Jun 20 00:22:52 UTC 2018


Reviewed-by: Matheus Santana <embs at cin.ufpe.br>

The check for negatives isn't needed anymore?

On Tue, Jun 19, 2018 at 8:44 PM, Peter Hutterer <peter.hutterer at who-t.net>
wrote:

> The ssize_t cast upsets Coverity for some reason but we can be a lot more
> restrictive here anyway. Quick analysis of the zalloc calls in the test
> suite shows the largest allocation is 9204 bytes.
>
> Let's put a cap on for one MB, anything above that is likely some memory
> corruption and should be caught early.
>
> Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
> ---
>  src/libinput-util.h | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/libinput-util.h b/src/libinput-util.h
> index 8c67dcbd..4f60e8ea 100644
> --- a/src/libinput-util.h
> +++ b/src/libinput-util.h
> @@ -142,7 +142,9 @@ zalloc(size_t size)
>  {
>         void *p;
>
> -       if ((ssize_t)size < 0)
> +       /* We never need to alloc anything even near one MB so we can
> assume
> +        * if we ever get above that something's going wrong */
> +       if (size > 1024 * 1024)
>                 abort();
>
>         p = calloc(1, size);
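
Review bot: the comment above `if (size > 1024 * 1024)` should say that this comparison also covers what the removed `(ssize_t)size < 0` check caught. `size` is a `size_t`, so a negative value passed in arrives as a very large unsigned number, well above the cap, and still reaches `abort()`. Recording that in the comment explains why the explicit negative check could be dropped. The limit would also be easier to audit as a named constant than as the bare `1024 * 1024` in the condition.
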
> --
> 2.17.1
>
> _______________________________________________
> wayland-devel mailing list
> wayland-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/wayland-devel
>