RFR: 8371647: 7 Integer overflows in mlib_malloc of mlib_sys.c:85
Damon Nguyen
dnguyen at openjdk.org
Fri Nov 28 22:08:13 UTC 2025
There is a possible overflow when using `mlib_alloc()`. For example, `mlib_alloc(sizeof(mlib_s32) * (m * n))` may overflow if m and n are greater than 46430, since this would be greater than the max value for a signed 32 bit integer. I have added `SAFE_TO_ADD` and `SAFE_TO_MULT` in an attempt to amend this issue. CI testing shows all green.
-------------
Commit messages:
- Initial commit
Changes: https://git.openjdk.org/jdk/pull/28560/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=28560&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8371647
Stats: 42 lines in 5 files changed: 42 ins; 0 del; 0 mod
Patch: https://git.openjdk.org/jdk/pull/28560.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/28560/head:pull/28560
PR: https://git.openjdk.org/jdk/pull/28560
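
The size computation described in the message above, as an added example that is not part of the original post or of the OpenJDK patch. `mul_fits_int32`, `wrapped_size32` and `alloc_s32_matrix` are hypothetical names, `int32_t` stands in for `mlib_s32`, and the check is written out by hand rather than with the patch's `SAFE_TO_MULT`/`SAFE_TO_ADD` macros.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: 1 if a * b fits in a signed 32-bit integer.
 * Negative inputs are rejected because they are never valid sizes. */
static int mul_fits_int32(int32_t a, int32_t b) {
    if (a < 0 || b < 0) return 0;
    if (a == 0 || b == 0) return 1;
    return a <= INT32_MAX / b;   /* divide instead of multiplying */
}

/* Models what 32-bit arithmetic produces for sizeof(int32_t) * (m * n).
 * Done in unsigned math so the wraparound is well defined in C. */
static uint32_t wrapped_size32(int32_t m, int32_t n) {
    uint32_t elems = (uint32_t)m * (uint32_t)n;
    return elems * (uint32_t)sizeof(int32_t);
}

/* Allocates an m x n matrix of 32-bit elements, or returns NULL when
 * either the element count or the byte count would overflow int32. */
static void *alloc_s32_matrix(int32_t m, int32_t n) {
    if (!mul_fits_int32(m, n)) return NULL;
    int32_t elems = m * n;       /* safe: checked above */
    if (!mul_fits_int32(elems, (int32_t)sizeof(int32_t))) return NULL;
    size_t bytes = (size_t)elems * sizeof(int32_t);
    return malloc(bytes ? bytes : 1);
}

int main(void) {
    /* Constructed inputs: dimensions above the threshold in the post. */
    int32_t m = 50000, n = 50000;
    unsigned long long needed = 4ULL * (unsigned long long)m * n;

    printf("bytes needed:       %llu\n", needed);
    printf("32-bit size result: %u\n", (unsigned)wrapped_size32(m, n));

    /* The checked allocator refuses instead of under-allocating. */
    void *p = alloc_s32_matrix(m, n);
    printf("checked alloc:      %s\n", p ? "allocated" : "rejected");
    free(p);

    /* A small request still succeeds. */
    p = alloc_s32_matrix(4, 4);
    printf("4 x 4 alloc:        %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```

The danger of the unchecked form is that the wrapped size is a plausible positive number, so the allocation succeeds with a buffer far smaller than the loops that fill it expect.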