Add fz_calloc function to check for integer overflow when allocating arrays, and change the signature of fz_realloc to match.

1 files changed, 34 insertions, 4 deletions

diff --git a/fitz/base_memory.c b/fitz/base_memory.c
index 1f03faa5..4153f31e 100644
--- a/fitz/base_memory.c
+++ b/fitz/base_memory.c
@@ -1,9 +1,11 @@
 #include "fitz.h"
 
+#define INT_MAX 2147483647
+
 void *
-fz_malloc(int n)
+fz_malloc(int size)
 {
-	void *p = malloc(n);
+	void *p = malloc(size);
 	if (!p)
 	{
 		fprintf(stderr, "fatal error: out of memory\n");
@@ -13,9 +15,37 @@ fz_malloc(int n)
 }
 
 void *
-fz_realloc(void *p, int n)
+fz_calloc(int count, int size)
 {
-	void *np = realloc(p, n);
+	void *p;
+
+	if (count > INT_MAX / size)
+	{
+		fprintf(stderr, "fatal error: out of memory (integer overflow)\n");
+		abort();
+	}
+
+	p = malloc(count * size);
+	if (!p)
+	{
+		fprintf(stderr, "fatal error: out of memory\n");
+		abort();
+	}
+	return p;
+}
+
+void *
+fz_realloc(void *p, int count, int size)
+{
+	void *np;
+
+	if (count > INT_MAX / size)
+	{
+		fprintf(stderr, "fatal error: out of memory (integer overflow)\n");
+		abort();
+	}
+
+	np = realloc(p, count * size);
 	if (np == nil)
 	{
 		fprintf(stderr, "fatal error: out of memory\n");