[Bug 239688] [patch] geom: uzip: Use mallocarray to prevent potential integer overflow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Aug 7 07:26:47 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239688
Bug ID: 239688
Summary: [patch] geom: uzip: Use mallocarray to prevent
potential integer overflow
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: bugs at FreeBSD.org
Reporter: hslester96 at gmail.com
Created attachment 206322
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=206322&action=edit
g_uzip_zlib patch
The implementation of z_alloc() in g_uzip_zlib.c uses malloc() to allocate
resources without any check for the size.
This may lead to integer overflow.
It is better to use mallocarray() here to prevent such risk.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list