From 2cad237f8bea862923bf9e7e2d7c55544f6248e0 Mon Sep 17 00:00:00 2001
From: wm4
Date: Thu, 2 Jan 2014 23:54:59 +0100
Subject: ta: check overflow in array realloc macros
---
 ta/ta_utils.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'ta/ta_utils.c')
diff --git a/ta/ta_utils.c b/ta/ta_utils.c
index 4d1e73fab6..a6b59f2e3d 100644
--- a/ta/ta_utils.c
+++ b/ta/ta_utils.c
@@ -30,6 +30,17 @@ size_t ta_calc_array_size(size_t element_size, size_t count)
 return element_size * count;
 }
+// This is used when an array has to be enlarged for appending new elements.
+// Return a "good" size for the new array (in number of elements). This returns
+// a value >= nextidx, unless the calculation overflows, in which case SIZE_MAX
+// is returned.
+size_t ta_calc_prealloc_elems(size_t nextidx)
+{
+ if (nextidx >= ((size_t)-1) / 2 - 1)
+ return (size_t)-1;
+ return (nextidx + 1) * 2;
+}
+
 static void dummy_dtor(void *p){}
 /* Create an empty (size 0) TA allocation, which is prepared in a way such that
--
cgit v1.2.3
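Review bot: The SIZE_MAX returned by ta_calc_prealloc_elems on overflow is an in-band sentinel that is still a usable size_t, so the check only helps if every caller turns that element count into a byte size through an overflow-checked path before allocating; the comment should state that contract. I would extend it with `// Callers must not multiply the result by the element size themselves; pass it to ta_calc_array_size() so a saturated count makes the allocation fail.` The array realloc macros named in the subject and the top of ta_calc_array_size are outside this hunk (the view is limited to ta/ta_utils.c), so whether they reject or saturate on the sentinel cannot be confirmed from here. As a point of style, the comment says SIZE_MAX while the code spells it `(size_t)-1`; using one spelling in both places would make the guard `nextidx >= ((size_t)-1) / 2 - 1` easier to check.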