review.tizen.org Git - platform/upstream/nodejs.git/commit

author	min7.choi <min7.choi@samsung.com>
	Mon, 12 Jun 2017 04:01:20 +0000 (13:01 +0900)
committer	min7.choi <min7.choi@samsung.com>
	Mon, 12 Jun 2017 04:01:25 +0000 (13:01 +0900)
commit	2db09a48e8ca740c4543589c035102312dd0310e
tree	6890491f1b91c0142e376e0421d61e97be31613f	tree \| snapshot
parent	2bf568d50480657b4bee24f1cad9851787199071	commit \| diff

Avoid some undefined pointer arithmetic

A common idiom in the codebase is:

if (p + len > limit)
{
return; /* Too long */
}

Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE

"len" here could be from some externally supplied data (e.g. from a TLS
message).

The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.

For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit!w

Change-Id: Iafd9f2d3c35eb26b930a45b5a9461cb19f75bcb4
Signed-off-by: min7.choi <min7.choi@samsung.com>

deps/openssl/openssl/ssl/s3_srvr.c		diff \| blob \| history
deps/openssl/openssl/ssl/ssl_sess.c		diff \| blob \| history
deps/openssl/openssl/ssl/t1_lib.c		diff \| blob \| history