The {{calloc()}} function takes two arguments: the number of elements to allocate and the storage size of those elements. Typically, {{calloc()}} function implementations multiply these arguments together to determine how much memory to allocate. Historically, some implementations failed to check if this multiplication could result in an integer overflow \[[RUS-CERT Advisory 2002-08:02|http://cert.uni-stuttgart.de/advisories/calloc.php]\]. If the result of multiplying the number of elements to allocate and the storage size cannot be represented as a {{size_t}}, less memory is allocated than was requested. As a result, it is necessary to ensure that these arguments, when multiplied, do not result in an integer overflow.

Modern implementations of the C standard library should check for overflows. If the libraries being used for a particular implementation properly handle possible integer overflows on the multiplication, that is sufficient to comply with this recommendation.
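For a library that cannot be relied on to perform this check, the multiplication can be validated before {{calloc()}} is called. The following is an added example, not code from the original page; the names {{size_mul_overflows}} and {{checked_calloc}} are hypothetical, and the sample element count is constructed so that the unchecked product wraps to a few bytes.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: returns 1 when nmemb * size cannot be represented
 * as a size_t. Dividing SIZE_MAX avoids performing the multiplication
 * that is being checked. */
static int size_mul_overflows(size_t nmemb, size_t size)
{
    return nmemb != 0 && size > SIZE_MAX / nmemb;
}

/* Hypothetical wrapper: reject the request before calloc() sees it, so
 * the result does not depend on the library's own overflow handling. */
static void *checked_calloc(size_t nmemb, size_t size)
{
    if (size_mul_overflows(nmemb, size)) {
        errno = ENOMEM;
        return NULL;
    }
    return calloc(nmemb, size);
}

int main(void)
{
    /* Constructed input: the true product exceeds SIZE_MAX by sizeof(long),
     * so an unchecked multiply wraps around to sizeof(long) bytes. */
    size_t count = SIZE_MAX / sizeof(long) + 2;
    size_t wrapped = count * sizeof(long);

    printf("elements requested: %zu\n", count);
    printf("unchecked product:  %zu bytes\n", wrapped);

    long *big = checked_calloc(count, sizeof(long));
    printf("oversized request:  %s\n", big ? "allocated" : "rejected");
    free(big);

    long *small = checked_calloc(16, sizeof(long));
    printf("16-element request: %s\n", small ? "allocated" : "rejected");
    free(small);
    return 0;
}
```
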

...

\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.18.3, "Limits of other integer types"
\[[Seacord 05|AA. C References#Seacord 05]\] Chapter 4, "Dynamic Memory Management"
\[[RUS-CERT|AA. C References#RUS-CERT]\] [Advisory 2002-08:02|http://cert.uni-stuttgart.de/advisories/calloc.php], "Flaw in calloc and similar routines"
\[[Secunia|AA. C References#Secunia]\] [Advisory SA10635|http://secunia.com/advisories/10635/], "HP-UX calloc Buffer Size Miscalculation Vulnerability"

...