From a064038d85758c2e8add556f9aafa7823df53ef4 Mon Sep 17 00:00:00 2001
From: Masaki Muranaka <monaka@monami-ya.jp>
Date: Sat, 7 Jul 2012 12:38:07 +0900
Subject: Add a check for unsigned integer wrapping.

---
 src/gc.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/gc.c b/src/gc.c
index 5f30570de..2149a2d43 100644
--- a/src/gc.c
+++ b/src/gc.c
@@ -167,14 +167,16 @@ mrb_malloc(mrb_state *mrb, size_t len)
 void*
 mrb_calloc(mrb_state *mrb, size_t nelem, size_t len)
 {
-  void *p;
+  void *p = NULL;
   size_t size;
 
-  size = nelem * len;
-  p = mrb_realloc(mrb, 0, size);
+  if (nelem <= SIZE_MAX / len) {
+    size = nelem * len;
+    p = mrb_realloc(mrb, 0, size);
 
-  if (p && size > 0)
-    memset(p, 0, size);
+    if (p && size > 0)
+      memset(p, 0, size);
+  }
 
   return p;
 }
-- 
cgit v1.2.3