1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ossl.c: check integer overflow

Browse Source 
* ext/openssl/ossl.c (Init_ossl_locks): check integer overflow.
  OPENSSL_malloc() takes int only.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41879 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2013-07-10 02:19:47 +00:00
parent 1734e481af
commit c341e85b1c
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ext/openssl/ossl.c
View File

@ -480,9 +480,13 @@ static unsigned long ossl_thread_id(void)
static void Init_ossl_locks(void) static void Init_ossl_locks(void)
{ {
int i; int i;
int num_locks = CRYPTO_num_locks();
ossl_locks = (VALUE*) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(VALUE)); if ((unsigned)num_locks >= INT_MAX / (int)sizeof(VALUE)) {
for (i = 0; i < CRYPTO_num_locks(); i++) { rb_raise(rb_eRuntimeError, "CRYPTO_num_locks() is too big: %d", num_locks);
}
ossl_locks = (VALUE*) OPENSSL_malloc(num_locks * (int)sizeof(VALUE));
for (i = 0; i < num_locks; i++) {
ossl_locks[i] = rb_mutex_new(); ossl_locks[i] = rb_mutex_new();
rb_global_variable(&(ossl_locks[i])); rb_global_variable(&(ossl_locks[i]));
} }