I guess I’ve been doing it wrong all this time. Perhaps you can tell me how the following doesn't return a 0-255 value.

#include <stdint.h>
#include <sys/types.h>

/* Assemble a 64-bit value from 8 bytes, buf[0] least significant. */
uint64_t bufferToTime(const u_char buf[])
{
    return (( (( (( (( (( (( (( (uint64_t) buf[7]) << 8) | buf[6]) << 8) | buf[5]) << 8) | buf[4]) << 8)
        | buf[3]) << 8) | buf[2]) << 8) | buf[1]) << 8) | buf[0];
}

On Wed, Feb 17, 2021 at 12:05 PM Theo de Raadt <dera...@openbsd.org> wrote:

> Luke Small <lukensm...@gmail.com> wrote:
>
> > I guess I always thought there'd be some more substantial overflow mitigation.
>
> You have to free with the exact same size as allocation.
>
> nmemb and size did not change.
>
> The math has already been checked, and regular codeflows will store the
> multiple in a single variable after successful checking&allocation, for reuse.
>
> > Would it be too much hand-holding to put in the manpage that to avoid potential
> > freezero() integer overflow,
> > it may be useful to run freezero() as freezero((size_t)nmemb * (size_t)size);
>
> Wow, those casts make it very clear you don't understand C, if you do
> that kind of stuff elsewhere you are introducing problems.
>
> Sorry no you are wrong.
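
Added example, not part of the original message or of OpenBSD's code: a sketch of the code flow the quoted reply describes, where the `nmemb * size` product is overflow-checked once at allocation, stored in a single variable, and reused for `freezero()`. The names `secret_buf`, `secret_buf_alloc`, `secret_buf_free` and `cast_product` are hypothetical, and the non-OpenBSD branch is an assumed stand-in for `freezero()`.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical record: the checked byte count is stored once, at allocation. */
struct secret_buf {
    void   *ptr;
    size_t  len;    /* nmemb * size, already verified not to wrap */
};

/* Returns 0 on success, -1 if nmemb * size would overflow or calloc fails. */
int secret_buf_alloc(struct secret_buf *b, size_t nmemb, size_t size)
{
    b->ptr = NULL;
    b->len = 0;
    if (size != 0 && nmemb > SIZE_MAX / size)
        return -1;                  /* product would wrap around */
    b->ptr = calloc(nmemb, size);
    if (b->ptr == NULL)
        return -1;
    b->len = nmemb * size;          /* safe: checked above */
    return 0;
}

/* Free with exactly the size recorded at allocation; no second multiply. */
void secret_buf_free(struct secret_buf *b)
{
#ifdef __OpenBSD__
    freezero(b->ptr, b->len);
#else
    /* Assumed portable stand-in: volatile stores so the wipe is not elided. */
    volatile unsigned char *p = b->ptr;
    for (size_t i = 0; i < b->len; i++)
        p[i] = 0;
    free(b->ptr);
#endif
    b->ptr = NULL;
    b->len = 0;
}

/* Casting size_t operands to size_t changes nothing: this still wraps. */
size_t cast_product(size_t nmemb, size_t size)
{
    return (size_t)nmemb * (size_t)size;
}
```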