diff options
author | Jack Lloyd <[email protected]> | 2017-09-07 13:25:52 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-09-07 13:25:52 -0400 |
commit | 51f8edb0cb83c75bdf3818d7e88cac87502b4d31 (patch) | |
tree | f2f7499a48988a273d30a94908b25799521017eb /src | |
parent | fdc94d8250040aa3d148fbaa802e5b9ea78d7c26 (diff) |
Avoid throwing in deallocate
Could end up causing a throw during a destructor leading to a crash,
if the application created a very large secure_vector.
Flagged by Coverity.
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/utils/locking_allocator/locking_allocator.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/utils/locking_allocator/locking_allocator.cpp b/src/lib/utils/locking_allocator/locking_allocator.cpp index ce8270d68..bdd675af1 100644 --- a/src/lib/utils/locking_allocator/locking_allocator.cpp +++ b/src/lib/utils/locking_allocator/locking_allocator.cpp @@ -131,11 +131,11 @@ bool mlock_allocator::deallocate(void* p, size_t num_elems, size_t elem_size) size_t n = num_elems * elem_size; /* - We return nullptr in allocate if there was an overflow, so we - should never ever see an overflow in a deallocation. + We return nullptr in allocate if there was an overflow, so if an + overflow occurs here we know the pointer was not allocated by this pool. */ - BOTAN_ASSERT(n / elem_size == num_elems, - "No overflow in deallocation"); + if(n / elem_size != num_elems) + return false; if(!ptr_in_pool(m_pool, m_poolsize, p, n)) return false; |