author | Hans Jerry Illikainen <hji@dyntopia.com> | 2016-12-11 20:17:49 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-12-23 09:47:09 -0500 |
commit | a23fd1578612051a3ac804c12a629f6a5cfa296e (patch) | |
tree | 7b64f7ab79efaf2469efefbe60bbcec46f5aed59 /src/common/util.c | |
parent | f3da62dbdfb2057a7c8d5d46367e9d41bdd5b9ec (diff) | |
Fix unreachable heap corruption in base64_decode()
Give size_mul_check() external linkage and use it in base64_decode() to
avoid a potential integer wrap.
Closes #19222
Diffstat (limited to 'src/common/util.c')
-rw-r--r-- | src/common/util.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/src/common/util.c b/src/common/util.c
index 9d134c1bb2..d02eb664d7 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -188,7 +188,7 @@ tor_malloc_zero_(size_t size DMALLOC_PARAMS)
 #define SQRT_SIZE_MAX_P1 (((size_t)1) << (sizeof(size_t)*4))
 
 /** Return non-zero if and only if the product of the arguments is exact. */
-static inline int
+inline int
 size_mul_check(const size_t x, const size_t y)
 {
 /* This first check is equivalent to
@@ -202,15 +202,6 @@ size_mul_check(const size_t x, const size_t y)
 x <= SIZE_MAX / y);
 }
 
-#ifdef TOR_UNIT_TESTS
-/** Exposed for unit tests only */
-int
-size_mul_check__(const size_t x, const size_t y)
-{
- return size_mul_check(x,y);
-}
-#endif
-
 /** Allocate a chunk of <b>nmemb</b>*<b>size</b> bytes of memory, fill
 * the memory with zero bytes, and return a pointer to the result.
 * Log and terminate the process on error. (Same as |
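Review bot: Dropping `static` in the first hunk leaves `inline int` on `size_mul_check()`, and under C99/C11 inline rules that is only an inline definition unless this translation unit also sees a file-scope declaration of the function without `inline` (or with `extern`). No such declaration is visible here, since the diff is limited to util.c, so whether other files can link against it depends on a header prototype outside this view and on the inline semantics the build selects. Because this function is the overflow guard for size arithmetic ahead of allocation and decode buffers, I would make the linkage unambiguous by writing the return line as plain `int` (or `extern inline int`). The doc comment should also say that a zero result means the product would wrap `size_t` and that callers must test it before multiplying sizes handed to an allocator. The function body continues outside the hunk.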