ntdll: Protect RtlAllocateHeap and RtlReAllocateHeap against integer overflows with large values of size.

Chris Robinson chris.kcat at gmail.com
Fri May 18 06:09:46 CDT 2007


On Friday 18 May 2007 04:01:19 am Robert Shearman wrote:
> +    ULONGLONG llret = (ULONGLONG)a + b;
> +    if ((sizeof(SIZE_T) < sizeof(ULONGLONG)) && (llret > 0xffffffff))
> +        return FALSE;

WOuldn't this be more correct (as well as function when sizeof(SIZE_T) >= 
sizeof(ULONGLONG)):

SIZE_T res = a + b;
return (res >= a);



More information about the wine-devel mailing list