diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 7997d2113b4493..d051305dd84d8d 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -5592,11 +5592,10 @@ void GetCurves(const FunctionCallbackInfo& args) { const size_t num_curves = EC_get_builtin_curves(nullptr, 0); Local arr = Array::New(env->isolate(), num_curves); EC_builtin_curve* curves; - size_t alloc_size; if (num_curves) { - alloc_size = sizeof(*curves) * num_curves; - curves = static_cast(node::Malloc(alloc_size)); + curves = static_cast(node::Malloc(sizeof(*curves), + num_curves)); CHECK_NE(curves, nullptr); diff --git a/src/string_bytes.cc b/src/string_bytes.cc index fa641af7469d07..fddf61de636306 100644 --- a/src/string_bytes.cc +++ b/src/string_bytes.cc @@ -54,7 +54,7 @@ class ExternString: public ResourceType { return scope.Escape(String::Empty(isolate)); TypeName* new_data = - static_cast(node::Malloc(length * sizeof(*new_data))); + static_cast(node::Malloc(length, sizeof(*new_data))); if (new_data == nullptr) { return Local(); } diff --git a/src/util-inl.h b/src/util-inl.h index 9357f675021367..3f3139e1f05fbf 100644 --- a/src/util-inl.h +++ b/src/util-inl.h @@ -229,6 +229,14 @@ bool StringEqualNoCaseN(const char* a, const char* b, size_t length) { return true; } +inline size_t MultiplyWithOverflowCheck(size_t a, size_t b) { + size_t ret = a * b; + if (a != 0) + CHECK_EQ(b, ret / a); + + return ret; +} + // These should be used in our code as opposed to the native // versions as they abstract out some platform and or // compiler version specific functionality. @@ -236,24 +244,28 @@ bool StringEqualNoCaseN(const char* a, const char* b, size_t length) { // that the standard allows them to either return a unique pointer or a // nullptr for zero-sized allocation requests. Normalize by always using // a nullptr. -void* Realloc(void* pointer, size_t size) { - if (size == 0) { +void* Realloc(void* pointer, size_t n, size_t size) { + size_t full_size = MultiplyWithOverflowCheck(size, n); + + if (full_size == 0) { free(pointer); return nullptr; } - return realloc(pointer, size); + + return realloc(pointer, full_size); } // As per spec realloc behaves like malloc if passed nullptr. -void* Malloc(size_t size) { +void* Malloc(size_t n, size_t size) { + if (n == 0) n = 1; if (size == 0) size = 1; - return Realloc(nullptr, size); + return Realloc(nullptr, n, size); } void* Calloc(size_t n, size_t size) { if (n == 0) n = 1; if (size == 0) size = 1; - CHECK_GE(n * size, n); // Overflow guard. + MultiplyWithOverflowCheck(size, n); return calloc(n, size); } diff --git a/src/util.h b/src/util.h index 9460bb96d5f824..f240baf3fae7a0 100644 --- a/src/util.h +++ b/src/util.h @@ -31,9 +31,9 @@ namespace node { // that the standard allows them to either return a unique pointer or a // nullptr for zero-sized allocation requests. Normalize by always using // a nullptr. -inline void* Realloc(void* pointer, size_t size); -inline void* Malloc(size_t size); -inline void* Calloc(size_t n, size_t size); +inline void* Realloc(void* pointer, size_t n, size_t size = 1); +inline void* Malloc(size_t n, size_t size = 1); +inline void* Calloc(size_t n, size_t size = 1); #ifdef __GNUC__ #define NO_RETURN __attribute__((noreturn)) @@ -298,10 +298,7 @@ class MaybeStackBuffer { if (storage <= kStackStorageSize) { buf_ = buf_st_; } else { - // Guard against overflow. - CHECK_LE(storage, sizeof(T) * storage); - - buf_ = static_cast(Malloc(sizeof(T) * storage)); + buf_ = static_cast(Malloc(sizeof(T), storage)); CHECK_NE(buf_, nullptr); }