1 : /*
2 : * gd_security.c
3 : *
4 : * Implements buffer overflow check routines.
5 : *
6 : * Written 2004, Phil Knirsch.
7 : * Based on netpbm fixes by Alan Cox.
8 : *
9 : */
10 :
11 : #ifdef HAVE_CONFIG_H
12 : #include "config.h"
13 : #endif
14 :
15 : #include <stdio.h>
16 : #include <stdlib.h>
17 : #include <limits.h>
18 : #include "gd.h"
19 :
/**
 * Report whether the product a * b is unsafe to compute as an int.
 *
 * Intended to be called before a size multiplication that feeds a memory
 * allocation, so that an attacker-influenced dimension cannot wrap the
 * product and yield an undersized buffer.
 *
 * @param a first factor; must be strictly positive
 * @param b second factor; must be strictly positive
 * @return 0 when both factors are positive and a * b fits in an int;
 *         1 when either factor is zero or negative, or when the product
 *         would exceed INT_MAX. A warning is emitted through
 *         php_gd_error() in both failure cases.
 *
 * The caller must test the return value and abandon the operation on 1;
 * this function performs no multiplication or allocation itself. Only a
 * single two-factor product is validated per call, and the bound is
 * INT_MAX, so a size built from more than two factors needs one check per
 * multiplication step.
 */
int overflow2(int a, int b)
{
	if (a > 0 && b > 0) {
		/*
		 * b is known to be positive here, so the division cannot trap
		 * and the comparison is an exact test for a * b <= INT_MAX
		 * that never performs the overflowing multiplication.
		 */
		if (a <= INT_MAX / b) {
			return 0;
		}

		php_gd_error("gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
		return 1;
	}

	/* Zero or negative sizes are rejected outright rather than passed on. */
	php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n");
	return 1;
}