Subject: Re: CVS commit: basesrc/lib/libc/stdlib
To: Jaromir Dolecek <jdolecek@netbsd.org>
From: None <itojun@iijlab.net>
List: tech-userlevel
Date: 07/30/2002 22:14:51
>> >I don't think such babysitting should be done, I don't think such
>> >gratuitous change should be done. I'd go as far as saying that
>> >this change is broken. Let's discuss this change on tech-userlevel.
>> 	then what should happen if
>> 		x = calloc(0x10000000, 17);
>> 	on 32bit arch?  it sure will cause integer overflow.
>> 	the commit will make it return NULL (allocation failure).
>It's not libc's business to care about this IMHO.
>Why should this change be done? Does it solve any real problem?
>Checks like these should be within #ifdef _DIAGNOSTIC.

	suppose you've managed to calloc 0x100000010 bytes (= 0x10 bytes due to
	overflow).  if the call succeeds, you'll overwrite places which
	you shouldn't write to.

itojun
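The overflow in question, as an added example that is not part of the thread and not the NetBSD libc code under discussion: the nmemb * size product is reduced modulo 2^32 when size_t is 32 bits wide, so the allocator is asked for far fewer bytes than the caller will later write. The checked variant below uses the division test size > SIZE_MAX / nmemb, which needs no wider integer type. The uint32_t helpers only exist so the 32-bit failure can be exercised on a 64-bit host; checked_calloc is a hypothetical stand-in, not the libc implementation.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simulate 32-bit size_t arithmetic: the product wraps silently, so
 * calloc(0x10000000, 17) turns into a request for 0x10000000 bytes. */
static uint32_t truncated_request_u32(uint32_t nmemb, uint32_t size)
{
    return nmemb * size;            /* unsigned wraparound, no diagnostic */
}

/* Overflow test on 32-bit operands (same idea as the size_t version below,
 * narrowed so the thread's example can be replayed on a 64-bit machine).
 * nmemb * size > UINT32_MAX  <=>  size > UINT32_MAX / nmemb  (nmemb != 0). */
static int mul_would_overflow_u32(uint32_t nmemb, uint32_t size, uint32_t *total)
{
    if (nmemb != 0 && size > UINT32_MAX / nmemb)
        return 1;
    *total = nmemb * size;
    return 0;
}

/* Portable check on the real size_t, usable inside an allocator. */
static int mul_would_overflow(size_t nmemb, size_t size, size_t *total)
{
    if (nmemb != 0 && size > SIZE_MAX / nmemb)
        return 1;
    *total = nmemb * size;
    return 0;
}

/* Hypothetical calloc-style allocator: refuse an overflowing request with
 * ENOMEM instead of handing back a buffer that is too small for the
 * nmemb elements the caller is about to write. */
static void *checked_calloc(size_t nmemb, size_t size)
{
    size_t total;
    if (mul_would_overflow(nmemb, size, &total)) {
        errno = ENOMEM;
        return NULL;
    }
    void *p = malloc(total);
    if (p != NULL)
        memset(p, 0, total);
    return p;
}

/* The thread's example, replayed: what the wrapped request looks like and
 * whether the checked multiply rejects it. */
static uint32_t example_wrapped_size(void)
{
    return truncated_request_u32(0x10000000u, 17u);
}

static int example_is_rejected(void)
{
    uint32_t total;
    return mul_would_overflow_u32(0x10000000u, 17u, &total);
}

/* 1 if checked_calloc refuses the request, 0 if it hands back memory. */
static int checked_calloc_rejects(size_t nmemb, size_t size)
{
    void *p = checked_calloc(nmemb, size);
    if (p == NULL)
        return 1;
    free(p);
    return 0;
}

/* 1 if a successful checked_calloc really returns nmemb * size zero bytes. */
static int checked_calloc_is_zeroed(size_t nmemb, size_t size)
{
    unsigned char *p = checked_calloc(nmemb, size);
    if (p == NULL)
        return 0;
    int ok = 1;
    for (size_t i = 0; i < nmemb * size; i++)
        if (p[i] != 0)
            ok = 0;
    free(p);
    return ok;
}

int main(void)
{
    printf("32-bit calloc(0x10000000, 17) asks the allocator for %#x bytes\n",
           example_wrapped_size());
    printf("checked multiply rejects it: %d\n", example_is_rejected());
    printf("checked_calloc(SIZE_MAX/2+1, 2) rejected: %d\n",
           checked_calloc_rejects(SIZE_MAX / 2 + 1, 2));
    printf("checked_calloc(16, 4) zeroed: %d\n", checked_calloc_is_zeroed(16, 4));
    return 0;
}
```

With the wrapped request, a caller that then loops over 0x10000000 elements of 17 bytes writes 0x110000000 bytes into a 0x10000000-byte buffer, which is the overwrite itojun describes; the division check turns that into an ordinary allocation failure the caller already has to handle.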