ossl.c: check integer overflow

* ext/openssl/ossl.c (Init_ossl_locks): check integer overflow. OPENSSL_malloc() takes int only. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41879 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-07-10 02:19:47 +0000
committer: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-07-10 02:19:47 +0000
commit: c341e85b1c49fd0dce2dc809cc6c4a63b8d853f4 (patch)
tree: ca60a8f999e9b750cec1c79466fb3b7f64e2d52f /ext/openssl/ossl.c
parent: 1734e481afd6de3a83a3d692259444f67e70077a (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index f86a3eee27..e052a2ce09 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -480,9 +480,13 @@ static unsigned long ossl_thread_id(void)
 static void Init_ossl_locks(void)
 {
     int i;
+    int num_locks = CRYPTO_num_locks();
 
-    ossl_locks = (VALUE*) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(VALUE));
-    for (i = 0; i < CRYPTO_num_locks(); i++) {
+    if ((unsigned)num_locks >= INT_MAX / (int)sizeof(VALUE)) {
+	rb_raise(rb_eRuntimeError, "CRYPTO_num_locks() is too big: %d", num_locks);
+    }
+    ossl_locks = (VALUE*) OPENSSL_malloc(num_locks * (int)sizeof(VALUE));
+    for (i = 0; i < num_locks; i++) {
 	ossl_locks[i] = rb_mutex_new();
 	rb_global_variable(&(ossl_locks[i]));
     }
author	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-07-10 02:19:47 +0000
committer	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-07-10 02:19:47 +0000
commit	c341e85b1c49fd0dce2dc809cc6c4a63b8d853f4 (patch)
tree	ca60a8f999e9b750cec1c79466fb3b7f64e2d52f /ext/openssl/ossl.c
parent	1734e481afd6de3a83a3d692259444f67e70077a (diff)