From 7756bef786978bd5d07c05b55bc8428454d6837d Mon Sep 17 00:00:00 2001 From: jhb Date: Mon, 28 Jan 2013 15:48:31 +0000 Subject: - Compute the correct size to reallocate when doubling the size of the array of loaded objects to avoid a buffer overrun. - Use reallocf() to avoid leaking memory if the realloc() fails. PR: kern/175648 Submitted by: yuri@rawbw.com (1) MFC after: 1 week --- lib/libproc/proc_rtld.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/libproc') diff --git a/lib/libproc/proc_rtld.c b/lib/libproc/proc_rtld.c index 2a9ed39..5259049 100644 --- a/lib/libproc/proc_rtld.c +++ b/lib/libproc/proc_rtld.c @@ -44,7 +44,8 @@ map_iter(const rd_loadobj_t *lop, void *arg) if (phdl->nobjs >= phdl->rdobjsz) { phdl->rdobjsz *= 2; - phdl->rdobjs = realloc(phdl->rdobjs, phdl->rdobjsz); + phdl->rdobjs = reallocf(phdl->rdobjs, sizeof(*phdl->rdobjs) * + phdl->rdobjsz); if (phdl->rdobjs == NULL) return (-1); } -- cgit v1.1