- markus@cvs.openbsd.org 2002/11/05 19:45:20
[monitor.c]
handle overflows for size_t larger than u_int; siw@goneko.de, bug #425
diff --git a/ChangeLog b/ChangeLog
index be51642..9c7a786 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,6 +16,9 @@
- markus@cvs.openbsd.org 2002/11/04 10:09:51
[packet.c]
log before send disconnect; ok djm@
+ - markus@cvs.openbsd.org 2002/11/05 19:45:20
+ [monitor.c]
+ handle overflows for size_t larger than u_int; siw@goneko.de, bug #425
20021021
- (djm) Bug #400: Kill ssh-rand-helper children on timeout, patch from
@@ -793,4 +796,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@
-$Id: ChangeLog,v 1.2504 2002/11/09 15:46:24 mouring Exp $
+$Id: ChangeLog,v 1.2505 2002/11/09 15:47:47 mouring Exp $
diff --git a/monitor.c b/monitor.c
index 4ad3f3d..b91cfde 100644
--- a/monitor.c
+++ b/monitor.c
@@ -25,7 +25,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: monitor.c,v 1.29 2002/09/26 11:38:43 markus Exp $");
+RCSID("$OpenBSD: monitor.c,v 1.30 2002/11/05 19:45:20 markus Exp $");
#include <openssl/dh.h>
@@ -1551,7 +1551,7 @@
void *
mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
{
- size_t len = size * ncount;
+ size_t len = (size_t) size * ncount;
void *address;
if (len == 0 || ncount > SIZE_T_MAX / size)