From: Mansour Moufid
Date: Sun, 19 Oct 2014 17:12:11 +0000 (-0400)
Subject: Document the calloc function overflow check.
X-Git-Tag: tor-0.2.6.2-alpha~118^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=81b452d245c19e9a16681567b9dbcf0f7a71ac78;p=thirdparty%2Ftor.git

Document the calloc function overflow check.
---

diff --git a/src/common/util.c b/src/common/util.c
index 013a501dbc..74a538ed2f 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -195,8 +195,10 @@ tor_malloc_zero_(size_t size DMALLOC_PARAMS)
 return result;
 }
 
+/* Estimate the square root of SIZE_MAX. */
 #define SQRT_SIZE_MAX (((size_t) SIZE_MAX) >> (sizeof(size_t) * 8 / 2))
 
+/** Return non-zero if and only if the product of the arguments is exact. */
 static INLINE int
 size_mul_check(const size_t x, const size_t y)
 {
@@ -208,6 +210,8 @@ size_mul_check(const size_t x, const size_t y)
 * the memory with zero bytes, and return a pointer to the result.
 * Log and terminate the process on error. (Same as
 * calloc(nmemb,size), but never returns NULL.)
+ * The second argument (size) should preferably be non-zero
+ * and a compile-time constant.
 */
 void *
 tor_calloc_(size_t nmemb, size_t size DMALLOC_PARAMS)
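Review bot: The comment added above `SQRT_SIZE_MAX` calls the value an estimate without giving the rounding direction, and the overflow check is only sound if the value never exceeds the true root. The visible shift yields 2^(w/2) - 1 for a w-bit size_t, which is a lower bound, so I would write `/** Lower bound on the square root of SIZE_MAX: two values below it multiply without overflow. Assumes 8-bit bytes. */`, also switching to `/**` to match the doc comment added two lines below. The body of `size_mul_check` lies outside the hunk, so the "exact" wording on its new comment cannot be checked against the code here.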
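Review bot: The sentence added to the `tor_calloc_` comment gives advice without a reason and still leaves the overflow case unstated, which is the property callers sizing buffers from untrusted counts rely on. Presumably a constant, non-zero size lets the compiler fold the division inside the overflow check; if so, say it, e.g. ` * (A constant, non-zero size lets the overflow check be folded at compile time.)`. I would also add ` * A product nmemb*size that does not fit in size_t is treated as an error.`, provided that is what the body does; the function body is outside the hunk.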