diff --git a/include/share/alloc.h b/include/share/alloc.h index 8a53bbe5..7aa17f79 100644 --- a/include/share/alloc.h +++ b/include/share/alloc.h @@ -142,7 +142,9 @@ static inline void *safe_malloc_muladd2_(size_t size1, size_t size2, size_t size size2 += size3; if(size2 < size3) return 0; - return safe_malloc_mul_2op_(size1, size2); + if(size1 > SIZE_MAX / size2) + return 0; + return malloc(size1*size2); } static inline void *safe_realloc_add_2op_(void *ptr, size_t size1, size_t size2) diff --git a/src/libFLAC/include/private/memory.h b/src/libFLAC/include/private/memory.h index fecba6f4..9c436f70 100644 --- a/src/libFLAC/include/private/memory.h +++ b/src/libFLAC/include/private/memory.h @@ -52,6 +52,6 @@ FLAC__bool FLAC__memory_alloc_aligned_unsigned_array(size_t elements, unsigned * #ifndef FLAC__INTEGER_ONLY_LIBRARY FLAC__bool FLAC__memory_alloc_aligned_real_array(size_t elements, FLAC__real **unaligned_pointer, FLAC__real **aligned_pointer); #endif -void *safe_malloc_mul_2op_(size_t size1, size_t size2); +void *safe_malloc_mul_2op_p(size_t size1, size_t size2); #endif diff --git a/src/libFLAC/memory.c b/src/libFLAC/memory.c index b9e5d34d..32077740 100644 --- a/src/libFLAC/memory.c +++ b/src/libFLAC/memory.c @@ -220,7 +220,7 @@ FLAC__bool FLAC__memory_alloc_aligned_real_array(size_t elements, FLAC__real **u #endif -void *safe_malloc_mul_2op_(size_t size1, size_t size2) +void *safe_malloc_mul_2op_p(size_t size1, size_t size2) { if(!size1 || !size2) return malloc(1); /* malloc(0) is undefined; FLAC src convention is to always allocate */ diff --git a/src/libFLAC/metadata_iterators.c b/src/libFLAC/metadata_iterators.c index 4fbe6780..d35b9ef0 100644 --- a/src/libFLAC/metadata_iterators.c +++ b/src/libFLAC/metadata_iterators.c @@ -60,6 +60,10 @@ #include "share/alloc.h" #include "share/compat.h" #include "private/macros.h" +#include "private/memory.h" + +/* Alias the first (in share/alloc.h) to the second (in src/libFLAC/memory.c). */ +#define safe_malloc_mul_2op_ safe_malloc_mul_2op_p /**************************************************************************** * @@ -2179,7 +2183,7 @@ FLAC__Metadata_SimpleIteratorStatus read_metadata_block_data_seektable_cb_(FLAC_ if(block->num_points == 0) block->points = 0; - else if(0 == (block->points = safe_malloc_mul_2op_(block->num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)))) + else if(0 == (block->points = safe_malloc_mul_2op_p(block->num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)))) return FLAC__METADATA_SIMPLE_ITERATOR_STATUS_MEMORY_ALLOCATION_ERROR; for(i = 0; i < block->num_points; i++) { diff --git a/src/libFLAC/metadata_object.c b/src/libFLAC/metadata_object.c index 7f178f81..149f78de 100644 --- a/src/libFLAC/metadata_object.c +++ b/src/libFLAC/metadata_object.c @@ -37,10 +37,14 @@ #include #include "private/metadata.h" +#include "private/memory.h" #include "FLAC/assert.h" #include "share/alloc.h" +/* Alias the first (in share/alloc.h) to the second (in src/libFLAC/memory.c). */ +#define safe_malloc_mul_2op_ safe_malloc_mul_2op_p + /**************************************************************************** * @@ -151,7 +155,7 @@ static FLAC__bool copy_track_(FLAC__StreamMetadata_CueSheet_Track *to, const FLA else { FLAC__StreamMetadata_CueSheet_Index *x; FLAC__ASSERT(from->num_indices > 0); - if(0 == (x = safe_malloc_mul_2op_(from->num_indices, /*times*/sizeof(FLAC__StreamMetadata_CueSheet_Index)))) + if(0 == (x = safe_malloc_mul_2op_p(from->num_indices, /*times*/sizeof(FLAC__StreamMetadata_CueSheet_Index)))) return false; memcpy(x, from->indices, from->num_indices * sizeof(FLAC__StreamMetadata_CueSheet_Index)); to->indices = x; @@ -173,7 +177,7 @@ static FLAC__StreamMetadata_SeekPoint *seekpoint_array_new_(unsigned num_points) FLAC__ASSERT(num_points > 0); - object_array = safe_malloc_mul_2op_(num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)); + object_array = safe_malloc_mul_2op_p(num_points, /*times*/sizeof(FLAC__StreamMetadata_SeekPoint)); if(0 != object_array) { unsigned i; diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c index ca4c185c..9aa76588 100644 --- a/src/libFLAC/stream_decoder.c +++ b/src/libFLAC/stream_decoder.c @@ -1729,7 +1729,7 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre /* read comments */ if(obj->num_comments > 0) { - if(0 == (obj->comments = safe_malloc_mul_2op_(obj->num_comments, /*times*/sizeof(FLAC__StreamMetadata_VorbisComment_Entry)))) { + if(0 == (obj->comments = safe_malloc_mul_2op_p(obj->num_comments, /*times*/sizeof(FLAC__StreamMetadata_VorbisComment_Entry)))) { decoder->protected_->state = FLAC__STREAM_DECODER_MEMORY_ALLOCATION_ERROR; return false; } diff --git a/src/libFLAC/stream_encoder.c b/src/libFLAC/stream_encoder.c index c8d8adb8..48c0d935 100644 --- a/src/libFLAC/stream_encoder.c +++ b/src/libFLAC/stream_encoder.c @@ -966,7 +966,7 @@ static FLAC__StreamEncoderInitStatus init_stream_internal_( */ encoder->private_->verify.input_fifo.size = encoder->protected_->blocksize+OVERREAD_; for(i = 0; i < encoder->protected_->channels; i++) { - if(0 == (encoder->private_->verify.input_fifo.data[i] = safe_malloc_mul_2op_(sizeof(FLAC__int32), /*times*/encoder->private_->verify.input_fifo.size))) { + if(0 == (encoder->private_->verify.input_fifo.data[i] = safe_malloc_mul_2op_p(sizeof(FLAC__int32), /*times*/encoder->private_->verify.input_fifo.size))) { encoder->protected_->state = FLAC__STREAM_ENCODER_MEMORY_ALLOCATION_ERROR; return FLAC__STREAM_ENCODER_INIT_STATUS_ENCODER_ERROR; } @@ -1707,7 +1707,7 @@ FLAC_API FLAC__bool FLAC__stream_encoder_set_metadata(FLAC__StreamEncoder *encod } if(num_blocks) { FLAC__StreamMetadata **m; - if(0 == (m = safe_malloc_mul_2op_(sizeof(m[0]), /*times*/num_blocks))) + if(0 == (m = safe_malloc_mul_2op_p(sizeof(m[0]), /*times*/num_blocks))) return false; memcpy(m, metadata, sizeof(m[0]) * num_blocks); encoder->protected_->metadata = m;