===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/cvs/xmalloc.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -c -r1.12 -r1.13
*** src/usr.bin/cvs/xmalloc.c	2015/11/05 09:48:21	1.12
--- src/usr.bin/cvs/xmalloc.c	2015/11/17 18:25:02	1.13
***************
*** 1,4 ****
! /* $OpenBSD: xmalloc.c,v 1.12 2015/11/05 09:48:21 nicm Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
--- 1,4 ----
! /* $OpenBSD: xmalloc.c,v 1.13 2015/11/17 18:25:02 tobias Exp $ */
  /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
***************
*** 13,18 ****
--- 13,20 ----
   * called by a name other than "ssh" or "Secure Shell".
   */
  
+ #include <errno.h>
+ #include <limits.h>
  #include <stdint.h>
  #include <stdio.h>
  #include <stdlib.h>
***************
*** 30,36 ****
  		fatal("xmalloc: zero size");
  	ptr = malloc(size);
  	if (ptr == NULL)
! 		fatal("xmalloc: out of memory (allocating %lu bytes)", (u_long) size);
  	return ptr;
  }
  
--- 32,39 ----
  		fatal("xmalloc: zero size");
  	ptr = malloc(size);
  	if (ptr == NULL)
! 		fatal("xmalloc: allocating %zu bytes: %s",
! 		    size, strerror(errno));
  	return ptr;
  }
  
***************
*** 41,52 ****
  
  	if (size == 0 || nmemb == 0)
  		fatal("xcalloc: zero size");
- 	if (SIZE_MAX / nmemb < size)
- 		fatal("xcalloc: nmemb * size > SIZE_MAX");
  	ptr = calloc(nmemb, size);
  	if (ptr == NULL)
! 		fatal("xcalloc: out of memory (allocating %lu bytes)",
! 		    (u_long)(size * nmemb));
  	return ptr;
  }
  
--- 44,53 ----
  
  	if (size == 0 || nmemb == 0)
  		fatal("xcalloc: zero size");
  	ptr = calloc(nmemb, size);
  	if (ptr == NULL)
! 		fatal("xcalloc: allocating %zu * %zu bytes: %s",
! 		    nmemb, size, strerror(errno));
  	return ptr;
  }
  
***************
*** 54,81 ****
  xreallocarray(void *ptr, size_t nmemb, size_t size)
  {
  	void *new_ptr;
- 	size_t new_size = nmemb * size;
  
! 	if (new_size == 0)
! 		fatal("xrealloc: zero size");
! 	if (SIZE_MAX / nmemb < size)
! 		fatal("xrealloc: nmemb * size > SIZE_MAX");
! 	new_ptr = realloc(ptr, new_size);
  	if (new_ptr == NULL)
! 		fatal("xrealloc: out of memory (new_size %lu bytes)",
! 		    (u_long) new_size);
  	return new_ptr;
  }
  
  char *
  xstrdup(const char *str)
  {
- 	size_t len;
  	char *cp;
  
! 	len = strlen(str) + 1;
! 	cp = xmalloc(len);
! 	strlcpy(cp, str, len);
  	return cp;
  }
  
--- 55,77 ----
  xreallocarray(void *ptr, size_t nmemb, size_t size)
  {
  	void *new_ptr;
  
! 	if (nmemb == 0 || size == 0)
! 		fatal("xreallocarray: zero size");
! 	new_ptr = reallocarray(ptr, nmemb, size);
  	if (new_ptr == NULL)
! 		fatal("xreallocarray: allocating %zu * %zu bytes: %s",
! 		    nmemb, size, strerror(errno));
  	return new_ptr;
  }
  
  char *
  xstrdup(const char *str)
  {
  	char *cp;
  
! 	if ((cp = strdup(str)) == NULL)
! 		fatal("xstrdup: %s", strerror(errno));
  	return cp;
  }
  
***************
*** 90,112 ****
  	va_end(ap);
  
  	if (i < 0 || *ret == NULL)
! 		fatal("xasprintf: could not allocate memory");
  
! 	return (i);
  }
  
  int
! xsnprintf(char *str, size_t size, const char *fmt, ...)
  {
  	va_list ap;
  	int i;
  
  	va_start(ap, fmt);
! 	i = vsnprintf(str, size, fmt, ap);
  	va_end(ap);
  
! 	if (i == -1 || i >= (int)size)
  		fatal("xsnprintf: overflow");
  
! 	return (i);
  }
--- 86,111 ----
  	va_end(ap);
  
  	if (i < 0 || *ret == NULL)
! 		fatal("xasprintf: %s", strerror(errno));
  
! 	return i;
  }
  
  int
! xsnprintf(char *str, size_t len, const char *fmt, ...)
  {
  	va_list ap;
  	int i;
  
+ 	if (len > INT_MAX)
+ 		fatal("xsnprintf: len > INT_MAX");
+ 
  	va_start(ap, fmt);
! 	i = vsnprintf(str, len, fmt, ap);
  	va_end(ap);
  
! 	if (i < 0 || i >= (int)len)
  		fatal("xsnprintf: overflow");
  
! 	return i;
  }