From a38b1cbc5e917d945340a6dd9dba4274a2eb8789 Mon Sep 17 00:00:00 2001
From: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Date: Fri, 23 Aug 2019 13:23:58 +0200
Subject: Size accounting + alloc() overflow checking, round #2

Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
---
 lib/sqfs/write_export_table.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'lib/sqfs/write_export_table.c')

diff --git a/lib/sqfs/write_export_table.c b/lib/sqfs/write_export_table.c
index f81632a..e42df15 100644
--- a/lib/sqfs/write_export_table.c
+++ b/lib/sqfs/write_export_table.c
@@ -19,8 +19,10 @@ int write_export_table(int outfd, fstree_t *fs, sqfs_super_t *super,
 	size_t i, size;
 	int ret;
 
-	size = sizeof(uint64_t) * (fs->inode_tbl_size - 1);
-	table = malloc(size);
+	if (fs->inode_tbl_size < 1)
+		return 0;
+
+	table = alloc_array(sizeof(uint64_t), (fs->inode_tbl_size - 1));
 
 	if (table == NULL) {
 		perror("Allocating NFS export table");
@@ -35,6 +37,7 @@ int write_export_table(int outfd, fstree_t *fs, sqfs_super_t *super,
 		}
 	}
 
+	size = sizeof(uint64_t) * (fs->inode_tbl_size - 1);
 	ret = sqfs_write_table(outfd, super, cmp, table, size, &start);
 
 	super->export_table_start = start;
-- 
cgit v1.2.3