X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/6b200bc335dc93c5516ccb52f14bd896d8c7fad7..0d4552ce43ff8bf2e8666a9c5c44c3590eb117a8:/OSX/libsecurity_utilities/lib/alloc.cpp?ds=inline
diff --git a/OSX/libsecurity_utilities/lib/alloc.cpp b/OSX/libsecurity_utilities/lib/alloc.cpp
index 04d109c3..5d297087 100644
--- a/OSX/libsecurity_utilities/lib/alloc.cpp
+++ b/OSX/libsecurity_utilities/lib/alloc.cpp
@@ -114,7 +114,8 @@ void *DefaultAllocator::realloc(void *addr, size_t newSize) throw(std::bad_alloc
 void SensitiveAllocator::free(void *addr) throw()
 {
- memset(addr, 0, malloc_size(addr));
+ size_t size = malloc_size(addr);
+ ::memset_s(addr, size, 0, size);
 DefaultAllocator::free(addr);
 }
@@ -122,7 +123,7 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 {
 size_t oldSize = malloc_size(addr);
 if (newSize < oldSize)
- memset(increment(addr, newSize), 0, oldSize - newSize);
+ ::memset_s(increment(addr, newSize), oldSize - newSize, 0, oldSize - newSize);
 return DefaultAllocator::realloc(addr, newSize);
 }
@@ -136,8 +137,12 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 //
 void *CssmHeap::operator new (size_t size, Allocator *alloc) throw(std::bad_alloc)
 {
- if (alloc == NULL)
+ if (size > SIZE_T_MAX / 2) {
+ throw std::bad_alloc();
+ }
+ if (alloc == NULL) {
 alloc = &Allocator::standard();
+ }
 size = alignUp(size, alignof_template());
 size_t totalSize = size + sizeof(Allocator *);
 void *addr = alloc->malloc(totalSize);
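Review bot: The switch to `::memset_s` in `SensitiveAllocator::free` carries no comment saying why a plain `memset` was not good enough, so a later cleanup could quietly revert it. I would add above the call `// memset_s, not memset: a store to memory that is about to be freed is dead and the optimizer may drop it`. The same comment belongs on the `::memset_s` call in `SensitiveAllocator::realloc` in the next hunk. The return value is discarded in both places; that looks acceptable as long as `addr` is never NULL on these paths, but a `(void)` cast would make the intent explicit.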
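Review bot: `SensitiveAllocator::realloc` still hands the block to `DefaultAllocator::realloc`, and only the tail cut off by a shrink is cleared before that call. If `DefaultAllocator::realloc` forwards to the system `realloc` (its body is outside this hunk), the block can be moved and the old copy released without being wiped. Growing a buffer that holds key material would then leave the full old contents in freed heap memory, which is what this allocator exists to prevent. Allocating a fresh block, copying, wiping the old block over its whole `malloc_size` and then freeing it closes that gap, at the cost of always copying. The sketch below assumes `DefaultAllocator::malloc` throws `std::bad_alloc` on failure, which should be confirmed.

```cpp
	size_t oldSize = malloc_size(addr);
	// Never let the system realloc move the block: the old copy would be freed unwiped.
	void *fresh = DefaultAllocator::malloc(newSize);
	if (addr != NULL) {
		memcpy(fresh, addr, newSize < oldSize ? newSize : oldSize);
		::memset_s(addr, oldSize, 0, oldSize);	// wipe the whole old block, not just the tail
		DefaultAllocator::free(addr);
	}
	return fresh;
```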
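Review bot: The new guard `if (size > SIZE_T_MAX / 2)` in `CssmHeap::operator new` has no comment tying the bound to the arithmetic it protects, namely the `alignUp(size, ...)` rounding and the `size + sizeof(Allocator *)` addition a few lines below. I would add `// reject sizes for which alignUp() or adding sizeof(Allocator *) could wrap size_t` above it. `SIZE_T_MAX` is a BSD-style macro; `SIZE_MAX` from `<stdint.h>` is the standard spelling and would be preferable unless the file already relies on the former (the includes are outside this hunk). The function body continues past the end of the hunk, so whether the result of `alloc->malloc(totalSize)` is checked cannot be seen from here.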