[Bug 239688] [patch] geom: uzip: Use mallocarray to prevent potential integer overflow

bugzilla-noreply Wed, 07 Aug 2019 00:27:10 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239688


            Bug ID: 239688
           Summary: [patch] geom: uzip: Use mallocarray to prevent
                    potential integer overflow
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: b...@freebsd.org
          Reporter: hsleste...@gmail.com

Created attachment 206322
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=206322&action=edit
g_uzip_zlib patch

The implementation of z_alloc() in g_uzip_zlib.c uses malloc() to allocate
resources without any check for the size.
This may lead to integer overflow.
It is better to use mallocarray() here to prevent such risk.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 239688] [patch] geom: uzip: Use mallocarray to prevent potential integer overflow

Reply via email to