X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/6b200bc335dc93c5516ccb52f14bd896d8c7fad7..0d4552ce43ff8bf2e8666a9c5c44c3590eb117a8:/OSX/libsecurity_utilities/lib/alloc.cpp?ds=inline

diff --git a/OSX/libsecurity_utilities/lib/alloc.cpp b/OSX/libsecurity_utilities/lib/alloc.cpp
index 04d109c3..5d297087 100644
--- a/OSX/libsecurity_utilities/lib/alloc.cpp
+++ b/OSX/libsecurity_utilities/lib/alloc.cpp
@@ -114,7 +114,8 @@ void *DefaultAllocator::realloc(void *addr, size_t newSize) throw(std::bad_alloc
 
 void SensitiveAllocator::free(void *addr) throw()
 {
-    memset(addr, 0, malloc_size(addr));
+    size_t size = malloc_size(addr);
+    ::memset_s(addr, size, 0, size);
     DefaultAllocator::free(addr);
 }
 
@@ -122,7 +123,7 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 {
     size_t oldSize = malloc_size(addr);
     if (newSize < oldSize)
-        memset(increment(addr, newSize), 0, oldSize - newSize);
+        ::memset_s(increment(addr, newSize), oldSize - newSize, 0, oldSize - newSize);
     return DefaultAllocator::realloc(addr, newSize);
 }
 
@@ -136,8 +137,12 @@ void *SensitiveAllocator::realloc(void *addr, size_t newSize) throw(std::bad_all
 //
 void *CssmHeap::operator new (size_t size, Allocator *alloc) throw(std::bad_alloc)
 {
-	if (alloc == NULL)
+    if (size > SIZE_T_MAX / 2) {
+        throw std::bad_alloc();
+    }
+    if (alloc == NULL) {
 		alloc = &Allocator::standard();
+    }
 	size = alignUp(size, alignof_template<Allocator *>());
 	size_t totalSize = size + sizeof(Allocator *);
 	void *addr = alloc->malloc(totalSize);