diff options
| author | Peter Hutterer <peter.hutterer@who-t.net> | 2018-06-20 09:34:30 +1000 |
|---|---|---|
| committer | Peter Hutterer <peter.hutterer@who-t.net> | 2018-06-20 11:41:48 +1000 |
| commit | 793c8d51e871252e03fd6aac79d1bf6fd4f717d3 (patch) | |
| tree | 14655f38d1d7a9a9ef479860565aef493bb5e974 /src | |
| parent | 4203ab52bfd249a50bbfa305bb48f4b42e73a714 (diff) | |
util: abort if we try to allocate more than a MB
The ssize_t cast upsets coverity for some reason but we can be a lot more
restrictive here anyway. Quick analysis of the zalloc calls in the test suite
show the largest allocation is 9204 bytes.
Let's put a cap on for one MB, anything above that is likely some memory
corruption and should be caught early.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Matheus Santana <embs@cin.ufpe.br>
Diffstat (limited to 'src')
| -rw-r--r-- | src/libinput-util.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/libinput-util.h b/src/libinput-util.h index 8c67dcbd..4f60e8ea 100644 --- a/src/libinput-util.h +++ b/src/libinput-util.h @@ -142,7 +142,9 @@ zalloc(size_t size) { void *p; - if ((ssize_t)size < 0) + /* We never need to alloc anything even near one MB so we can assume + * if we ever get above that something's going wrong */ + if (size > 1024 * 1024) abort(); p = calloc(1, size); |