[klibc] calloc: Fail if multiplication overflows
Origin: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=
292650f04c2b5348b4efbad61fb014ed09b4f3f2
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-31870
calloc() multiplies its 2 arguments together and passes the result to
malloc(). Since the factors and product both have type size_t, this
can result in an integer overflow and subsequent buffer overflow.
Check for this and fail if it happens.
CVE-2021-31870
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Name 0037-klibc-calloc-Fail-if-multiplication-overflows.patch
projects / klibc.git / commit