X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_utilities/lib/alloc.h
diff --git a/OSX/libsecurity_utilities/lib/alloc.h b/OSX/libsecurity_utilities/lib/alloc.h
index 83403e01..8d276227 100644
--- a/OSX/libsecurity_utilities/lib/alloc.h
+++ b/OSX/libsecurity_utilities/lib/alloc.h
@@ -55,10 +55,23 @@ public:
 { return reinterpret_cast(malloc(sizeof(T))); }
 template T *alloc(UInt32 count) throw(std::bad_alloc)
- { return reinterpret_cast(malloc(sizeof(T) * count)); }
+ {
+ size_t bytes = 0;
+ if (__builtin_mul_overflow(sizeof(T), count, &bytes)) {
+ throw std::bad_alloc();
+ }
+ return reinterpret_cast(malloc(bytes));
+
+ }
 template T *alloc(T *old, UInt32 count) throw(std::bad_alloc)
- { return reinterpret_cast(realloc(old, sizeof(T) * count)); }
+ {
+ size_t bytes = 0;
+ if (__builtin_mul_overflow(sizeof(T), count, &bytes)) {
+ throw std::bad_alloc();
+ }
+ return reinterpret_cast(realloc(old, bytes));
+ }
 //
@@ -74,8 +87,13 @@ public:
 // All right, if you *really* have to have calloc...
 void *calloc(size_t size, size_t count) throw(std::bad_alloc)
 {
- void *addr = malloc(size * count);
- memset(addr, 0, size * count);
+ size_t bytes = 0;
+ if(__builtin_mul_overflow(size, count, &bytes)) {
+ // Multiplication overflowed.
+ throw std::bad_alloc();
+ }
+ void *addr = malloc(bytes);
+ memset(addr, 0, bytes);
 return addr;
 }
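Review bot: The overflow guard is written out twice in this hunk, once in `alloc(UInt32 count)` and once in `alloc(T *old, UInt32 count)`, and a third time in `calloc` in the next hunk, so a later edit to one copy can leave the others behind. A small private helper that multiplies two sizes and throws `std::bad_alloc` on wrap would let each caller read `size_t bytes = checkedBytes(sizeof(T), count);` (the name is only a suggestion). Neither template carries the comment that `calloc` gets; a line such as `// sizeof(T) * count must not wrap, or the buffer ends up smaller than the caller assumes` would record why the check exists. The first template also gains a stray empty line before its closing brace.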
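Review bot: `memset(addr, 0, bytes)` still runs on whatever `malloc(bytes)` returned, with no null check between the two lines. That is safe if the `malloc` resolved here always signals failure by throwing, but its declaration lies outside the hunk, so this cannot be confirmed from the diff. If it can return NULL, the memset writes through a null pointer, and `if (addr == NULL) throw std::bad_alloc();` placed before the memset would keep the failure path consistent with the new overflow branch. A short comment stating which behaviour `malloc` has would settle the question for the next reader either way.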