[PATCH v1 1/2] lib: hashtable: fix integer overflow in himport_r
Stefan Monnier
monnier at iro.umontreal.ca
Wed Apr 8 19:47:59 CEST 2026
> + /* Check for potential integer overflow */
> + if (size == SIZE_MAX) {
> + debug("%s: size too large, would overflow\n", __func__);
> + __set_errno(EINVAL);
> + return 0;
> + }
> +
> /* we allocate new space to make sure we can write to the array */
> if ((data = malloc(size + 1)) == NULL) {
> debug("himport_r: can't malloc %lu bytes\n", (ulong)size + 1);
Rather than depend on SIZE_MAX being the right boundary, can we do
a check along the lines of `size + 1 > size`?
=== Stefan
More information about the U-Boot
mailing list