svn commit: r265367 - head/lib/libc/regex

Andrey Chernov ache at
Mon May 5 23:15:46 UTC 2014

On 06.05.2014 2:59, Warner Losh wrote:
> Stupid is as stupid does. malloc and realloc both have this same issue. While an interesting theoretical attack, the size doesn’t necessarily come from multiplication. Careful coding is still required, not matter what spin you put on this. reallocf() solves the memory leak issue, but not the problem with overflow (which the realloc() interface has too). The caller can check to make sure they aren’t requesting too much memory and overflowing. The interface isn’t designed to solve the problem you are complaining about.
> There’s only so much you can do to prevent programming errors. calloc() isn’t going to solve the world’s problems for you, and introduces a non-trivial amount of overhead for the trivial amount of overhead that is “saved” by moving the overflow check from the caller to the callee...

I agree completely.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the svn-src-head mailing list