strbuf: Extend strbuf_reserve_extra size check

Make sure that alignment to BUF_STEP won't overflow if excessively
huge amount of memory is requested to be reserved.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Link: https://github.com/kmod-project/kmod/pull/268
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>

diff --git a/shared/strbuf.c b/shared/strbuf.c
index 0dd7a5b0dc9522a9a62bf4764f2cc117386adab5..332dbd339857ac6f28aa54ec3ad517d3f575f5f7 100644 (file)
--- a/shared/strbuf.c
+++ b/shared/strbuf.c
@@ -36,7 +36,7 @@ static bool buf_realloc(struct strbuf *buf, size_t sz)
 
 bool strbuf_reserve_extra(struct strbuf *buf, size_t n)
 {
-       if (uaddsz_overflow(buf->used, n, &n))
+       if (uaddsz_overflow(buf->used, n, &n) || n > SIZE_MAX - BUF_STEP)
                return false;
 
        if (n <= buf->size)