File: gd_security.c

package info (click to toggle)
php5 5.6.33%2Bdfsg-0%2Bdeb8u1
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 157,872 kB
  • sloc: ansic: 756,065; php: 22,030; sh: 12,311; cpp: 8,771; xml: 6,179; yacc: 1,564; exp: 1,514; makefile: 1,467; pascal: 1,147; awk: 538; perl: 315; sql: 22
file content (31 lines) | stat: -rw-r--r-- 671 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
/*
   * gd_security.c
   *
   * Implements buffer overflow check routines.
   *
   * Written 2004, Phil Knirsch.
   * Based on netpbm fixes by Alan Cox.
   *
 */

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include <stdio.h>
#include <stdlib.h>
#include <limits.h>
#include "gd.h"

int overflow2(int a, int b)
{
	if(a <= 0 || b <= 0) {
		php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n");
		return 1;
	}
	if(a > INT_MAX / b) {
		php_gd_error("gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
		return 1;
	}
	return 0;
}