From c54db6f008990743c52cf273b9ce6b93ec7f00f3 Mon Sep 17 00:00:00 2001
From: Peter Limkilde Svendsen <peter.limkilde@gmail.com>
Date: Sat, 2 Feb 2019 15:52:39 +0100
Subject: [PATCH] Add integer overflow check to calloc

---
 src/header/stdlib/mod.rs | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/header/stdlib/mod.rs b/src/header/stdlib/mod.rs
index d36e13a0..713ba6c2 100644
--- a/src/header/stdlib/mod.rs
+++ b/src/header/stdlib/mod.rs
@@ -186,12 +186,18 @@ pub unsafe extern "C" fn bsearch(
 
 #[no_mangle]
 pub unsafe extern "C" fn calloc(nelem: size_t, elsize: size_t) -> *mut c_void {
-    let size = nelem * elsize;
-    let ptr = malloc(size);
-    if !ptr.is_null() {
-        intrinsics::write_bytes(ptr as *mut u8, 0, size);
+    //Handle possible integer overflow in size calculation
+    let size_result = nelem.checked_mul(elsize);
+    match size_result {
+        Some(size) => {
+            let ptr = malloc(size);
+            if !ptr.is_null() {
+                intrinsics::write_bytes(ptr as *mut u8, 0, size);
+            }
+            ptr
+        },
+        None => core::ptr::null_mut()
     }
-    ptr
 }
 
 #[repr(C)]
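Review bot: The new `None` arm in `calloc` returns a null pointer without setting `errno`, so a C caller that inspects `errno` after a NULL return may see a stale value when `nelem * elsize` overflows. POSIX specifies `ENOMEM` for a failed `calloc`, and other libcs report the overflow case the same way. The hunk does not show whether `malloc` sets `errno` on its own failure path, so that branch may already be covered; the overflow branch cannot be, because it never reaches `malloc`. I would change the arm to something like `None => { /* set errno to ENOMEM through this crate's errno binding */ core::ptr::null_mut() }`, and add a short comment on the `Some` arm saying that `errno` for allocation failure is left to `malloc`, if that is the case.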
-- 
GitLab