bstr: check for overflow in buffer allocation

We're being a little bit lazy here and limit the max allocation to SIZE_MAX/2, which is practically infinite anyway on 64 bit systems.
2025-01-18 04:51:52 +00:00 · 2014-01-03 00:34:15 +01:00 · 2014-01-03 00:34:15 +01:00 · 7ed4ce91e8
commit 7ed4ce91e8
parent 2cad237f8b
1 changed files with 4 additions and 0 deletions
--- a/bstr/bstr.c
+++ b/bstr/bstr.c
@ -20,6 +20,8 @@
 #include <assert.h>
 #include <ctype.h>
 #include <stdarg.h>
+#include <stdint.h>
+#include <stdlib.h>

 #include <libavutil/common.h>

@ -348,6 +350,8 @@ static void resize_append(void *talloc_ctx, bstr *s, size_t append_min)
    if (append_min > size - s->len) {
        if (append_min < size)
            append_min = size; // preallocate in power of 2s
+        if (size >= SIZE_MAX / 2 || append_min >= SIZE_MAX / 2)
+            abort(); // oom
        s->start = talloc_realloc_size(talloc_ctx, s->start, size + append_min);
    }
 }