From a6700362c71c3978acd53762e1f2e11e7f7a38b5 Mon Sep 17 00:00:00 2001
From: Brecht Van Lommel
Date: Sun, 14 Jan 2018 21:53:32 +0100
Subject: Memory: add MEM_malloc_arrayN() function to protect against overflow.

Differential Revision: https://developer.blender.org/D3002
---
 intern/guardedalloc/MEM_guardedalloc.h | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
(limited to 'intern/guardedalloc/MEM_guardedalloc.h')

diff --git a/intern/guardedalloc/MEM_guardedalloc.h b/intern/guardedalloc/MEM_guardedalloc.h
index f6048a04cf3..a57921223e2 100644
--- a/intern/guardedalloc/MEM_guardedalloc.h
+++ b/intern/guardedalloc/MEM_guardedalloc.h
@@ -113,12 +113,26 @@ extern "C" {
  * pointer to it is stored ! */
  extern void *(*MEM_callocN)(size_t len, const char *str) /* ATTR_MALLOC */ ATTR_WARN_UNUSED_RESULT ATTR_ALLOC_SIZE(1) ATTR_NONNULL(2);
 
+ /**
+ * Allocate a block of memory of size (len * size), with tag name
+ * str, aborting in case of integer overflows to prevent vulnerabilities.
+ * The memory is cleared. The name must be static, because only a
+ * pointer to it is stored ! */
+ extern void *(*MEM_calloc_arrayN)(size_t len, size_t size, const char *str) /* ATTR_MALLOC */ ATTR_WARN_UNUSED_RESULT ATTR_ALLOC_SIZE(1,2) ATTR_NONNULL(3);
+
  /**
  * Allocate a block of memory of size len, with tag name str. The
  * name must be a static, because only a pointer to it is stored !
  * */
  extern void *(*MEM_mallocN)(size_t len, const char *str) /* ATTR_MALLOC */ ATTR_WARN_UNUSED_RESULT ATTR_ALLOC_SIZE(1) ATTR_NONNULL(2);
 
+ /**
+ * Allocate a block of memory of size (len * size), with tag name str,
+ * aborting in case of integer overflow to prevent vulnerabilities. The
+ * name must be a static, because only a pointer to it is stored !
+ * */
+ extern void *(*MEM_malloc_arrayN)(size_t len, size_t size, const char *str) /* ATTR_MALLOC */ ATTR_WARN_UNUSED_RESULT ATTR_ALLOC_SIZE(1,2) ATTR_NONNULL(3);
+
  /**
  * Allocate an aligned block of memory of size len, with tag name str. The
  * name must be a static, because only a pointer to it is stored !
-- 
cgit v1.2.3
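Review bot: The new doc comments on `MEM_calloc_arrayN` and `MEM_malloc_arrayN` promise protection against integer overflow but do not say that only the `len * size` product is checked, so a caller that derives `len` from untrusted dimensions (for example a width-times-height count) can still wrap before the call is made. I would add a line to both comments such as `* Only the product len * size is checked; the caller must compute len itself without overflow.` The comments also leave open what is returned when the multiplication is fine but the allocation itself fails, which decides whether callers still need a NULL check; the implementation is not part of this hunk, so that sentence should be written by someone who can confirm it. Minor: the two comments differ in wording ("must be static" vs "must be a static", "overflows" vs "overflow") and could be aligned.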