Merge remote-tracking branch 'origin/maint-0.2.2'

author: Nick Mathewson <nickm@torproject.org> 2011-09-20 10:25:56 -0400
committer: Nick Mathewson <nickm@torproject.org> 2011-09-20 10:25:56 -0400
commit: 40288e1e66b82fc0a641afeaad5d102f001f3df1 (patch)
tree: 795acd0f011c707fd88a5a596ed645d648517665
parent: 0c0345a3d003a0a52b9334ad559698a220e8b76d (diff)
parent: bfa75f70bb5eef7b470068df8bf9e3c7fa88c21a (diff)
download: tor-40288e1e66b82fc0a641afeaad5d102f001f3df1.tar
tor-40288e1e66b82fc0a641afeaad5d102f001f3df1.tar.gz
2 files changed, 6 insertions, 1 deletions
diff --git a/changes/bug4059 b/changes/bug4059
new file mode 100644
index 000000000..82a4b1a10
--- /dev/null
+++ b/changes/bug4059
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Change an integer overflow check in the OpenBSD_Malloc code so
+      that GCC is less likely to eliminate it as impossible. Patch
+      from Mansour Moufid. Fixes bug 4059.
+
diff --git a/src/common/OpenBSD_malloc_Linux.c b/src/common/OpenBSD_malloc_Linux.c
index 19dac7765..445135c6b 100644
--- a/src/common/OpenBSD_malloc_Linux.c
+++ b/src/common/OpenBSD_malloc_Linux.c
@@ -1236,7 +1236,7 @@ imalloc(size_t size)
 		ptralloc = 1;
 		size = malloc_pagesize;
 	}
-	if ((size + malloc_pagesize) < size) {	/* Check for overflow */
+	if (size > SIZE_MAX - malloc_pagesize) { /* Check for overflow */
 		result = NULL;
 		errno = ENOMEM;
 	} else if (size <= malloc_maxsize)
author	Nick Mathewson <nickm@torproject.org>	2011-09-20 10:25:56 -0400
committer	Nick Mathewson <nickm@torproject.org>	2011-09-20 10:25:56 -0400
commit	40288e1e66b82fc0a641afeaad5d102f001f3df1 (patch)
tree	795acd0f011c707fd88a5a596ed645d648517665
parent	0c0345a3d003a0a52b9334ad559698a220e8b76d (diff)
parent	bfa75f70bb5eef7b470068df8bf9e3c7fa88c21a (diff)
download	tor-40288e1e66b82fc0a641afeaad5d102f001f3df1.tar tor-40288e1e66b82fc0a641afeaad5d102f001f3df1.tar.gz