Security-59306.120.7.tar.gz

[apple/security.git] / OSX / libsecurity_utilities / lib / alloc.cpp

diff --git a/OSX/libsecurity_utilities/lib/alloc.cpp b/OSX/libsecurity_utilities/lib/alloc.cpp
index 04d109c32df4cd5e26b16817565053e036b64852..5d297087347a30401c16306fd96da364a11d3593 100644 (file)
--- a/OSX/libsecurity_utilities/lib/alloc.cpp
+++ b/OSX/libsecurity_utilities/lib/alloc.cpp
@@ -114,7 +114,8 @@ void *DefaultAllocator::realloc(void *addr, size_t newSize) throw(std::bad_alloc
 
 void SensitiveAllocator::free(void *addr) throw()
 {
-    memset(addr, 0, malloc_size(addr));
+    size_t size = malloc_size(addr);
+    ::memset_s(addr, size, 0, size);
     DefaultAllocator::free(addr);
 }
 
@@ -122,7 +123,7 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 {
     size_t oldSize = malloc_size(addr);
     if (newSize < oldSize)
-        memset(increment(addr, newSize), 0, oldSize - newSize);
+        ::memset_s(increment(addr, newSize), oldSize - newSize, 0, oldSize - newSize);
     return DefaultAllocator::realloc(addr, newSize);
 }
 
@@ -136,8 +137,12 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 //
 void *CssmHeap::operator new (size_t size, Allocator *alloc) throw(std::bad_alloc)
 {
-       if (alloc == NULL)
+    if (size > SIZE_T_MAX / 2) {
+        throw std::bad_alloc();
+    }
+    if (alloc == NULL) {
                alloc = &Allocator::standard();
+    }
        size = alignUp(size, alignof_template<Allocator *>());
        size_t totalSize = size + sizeof(Allocator *);
        void *addr = alloc->malloc(totalSize);