diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile index cf830046..7aadb822 100644 --- a/libselinux/src/Makefile +++ b/libselinux/src/Makefile @@ -108,6 +108,12 @@ ifeq (yes,$(shell printf '${H}include \nint main(void){char*d,*s;strlc override CFLAGS += -DHAVE_STRLCPY endif +# check for reallocarray(3) availability +H := \# +ifeq (yes,$(shell printf '${H}include \nint main(void){reallocarray(NULL, 0, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes)) +override CFLAGS += -DHAVE_REALLOCARRAY +endif + SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-but-set-variable -Wno-unused-parameter \ -Wno-shadow -Wno-uninitialized -Wno-missing-prototypes -Wno-missing-declarations \ -Wno-deprecated-declarations diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c index 0342823c..9dafa519 100644 --- a/libselinux/src/get_context_list.c +++ b/libselinux/src/get_context_list.c @@ -272,7 +272,7 @@ static int get_context_user(FILE * fp, continue; } if (security_check_context(usercon_str2) == 0) { - new_reachable = realloc(*reachable, (*nreachable + 2) * sizeof(char *)); + new_reachable = reallocarray(*reachable, *nreachable + 2, sizeof(char *)); if (!new_reachable) { context_free(usercon); rc = -1; diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c index b98849d9..e44734c3 100644 --- a/libselinux/src/matchpathcon.c +++ b/libselinux/src/matchpathcon.c @@ -96,8 +96,8 @@ static int add_array_elt(char *con) if (con_array_size) { while (con_array_used >= con_array_size) { con_array_size *= 2; - tmp = (char **)realloc(con_array, sizeof(char*) * - con_array_size); + tmp = (char **)reallocarray(con_array, con_array_size, + sizeof(char*)); if (!tmp) { free_array_elts(); return -1; diff --git a/libselinux/src/selinux_internal.c b/libselinux/src/selinux_internal.c index c2be7c0a..06852359 100644 --- a/libselinux/src/selinux_internal.c +++ b/libselinux/src/selinux_internal.c @@ -1,5 +1,7 @@ #include "selinux_internal.h" +#include +#include #include @@ -16,3 +18,15 @@ size_t strlcpy(char *dest, const char *src, size_t size) return ret; } #endif /* HAVE_STRLCPY */ + +#ifndef HAVE_REALLOCARRAY +void *reallocarray(void *ptr, size_t nmemb, size_t size) +{ + if (size && nmemb > SIZE_MAX / size) { + errno = ENOMEM; + return NULL; + } + + return realloc(ptr, nmemb * size); +} +#endif /* HAVE_REALLOCARRAY */ diff --git a/libselinux/src/selinux_internal.h b/libselinux/src/selinux_internal.h index 06f2c038..af69ff04 100644 --- a/libselinux/src/selinux_internal.h +++ b/libselinux/src/selinux_internal.h @@ -98,4 +98,8 @@ extern int has_selinux_config ; size_t strlcpy(char *dest, const char *src, size_t size); #endif +#ifndef HAVE_REALLOCARRAY +void *reallocarray(void *ptr, size_t nmemb, size_t size); +#endif + #endif /* SELINUX_INTERNAL_H_ */ diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c index 7ef2d45d..38f10f1c 100644 --- a/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c @@ -175,8 +175,7 @@ static int add_exclude(const char *directory, bool who) return -1; } - tmp_list = realloc(exclude_lst, - sizeof(struct edir) * (exclude_count + 1)); + tmp_list = reallocarray(exclude_lst, exclude_count + 1, sizeof(struct edir)); if (!tmp_list) goto oom;