comparison jdk/src/share/native/sun/awt/medialib/safe_alloc.h @ 5187:2358d9e7ca64

6914866: Sun JRE ImagingLib arbitrary code execution vulnerability Reviewed-by: prr, hawtin
author bae
date Wed, 17 Feb 2010 12:49:41 +0300
parents 90ce3da70b43
children 202f599c92aa
comparison
equal deleted inserted replaced
0:c7a50484c1b8 1:85cb92b54fb0
33 * that perform buffer size calculation with integer overflow 33 * that perform buffer size calculation with integer overflow
34 * check. 34 * check.
35 */ 35 */
36 #define SAFE_TO_ALLOC_2(c, sz) \ 36 #define SAFE_TO_ALLOC_2(c, sz) \
37 (((c) > 0) && ((sz) > 0) && \ 37 (((c) > 0) && ((sz) > 0) && \
38 ((0xffffffffu / ((juint)(c))) > (sz))) 38 ((0xffffffffu / ((juint)(c))) > ((juint)(sz))))
39 39
40 #define SAFE_TO_ALLOC_3(w, h, sz) \ 40 #define SAFE_TO_ALLOC_3(w, h, sz) \
41 (((w) > 0) && ((h) > 0) && ((sz) > 0) && \ 41 (((w) > 0) && ((h) > 0) && ((sz) > 0) && \
42 (((0xffffffffu / ((juint)(w))) / ((juint)(h))) > (sz))) 42 (((0xffffffffu / ((juint)(w))) / ((juint)(h))) > ((juint)(sz))))
43 43
44 44
45 #endif // __SAFE_ALLOC_H__ 45 #endif // __SAFE_ALLOC_H__