CVSROOT: /cvs
Module name: src
Changes by: blamb...@cvs.openbsd.org 2014/10/12 07:08:47
Modified files:
usr.sbin/relayd: agentx.c
usr.sbin/snmpd : agentx.c
Log message:
Remove possibility of mutiplicative integer overflow by not multiplying.
Instead of the widespread-but-overflow-prone
while (newlen < wanted) { newlen *= 2; }
idiom, just realloc() for the space requested by the caller and check
for additive overflow.
Also change type of 'newlen' variable from int to size_t to avoid
overflows there.
Pointed out by deraadt@
ok reyk@
