# HG changeset patch # User Matt Johnston # Date 1495462166 -28800 # Node ID 9aa6cd66b51dca61200acbcb20581f89ebbccd6c # Parent 17104db7928c0678f0a37ff5d26f82ffe377669c zlib can use m_malloc/m_free too diff -r 17104db7928c -r 9aa6cd66b51d common-kex.c --- a/common-kex.c Sun May 21 18:53:44 2017 +0800 +++ b/common-kex.c Mon May 22 22:09:26 2017 +0800 @@ -391,6 +391,14 @@ && ses.keys->recv.algo_comp == DROPBEAR_COMP_ZLIB_DELAY); } +static void* dropbear_zalloc(void* UNUSED(opaque), uInt items, uInt size) { + return m_calloc(items, size); +} + +static void dropbear_zfree(void* UNUSED(opaque), void* ptr) { + m_free(ptr); +} + /* Set up new zlib compression streams, close the old ones. Only * called from gen_new_keys() */ static void gen_new_zstream_recv() { @@ -399,11 +407,10 @@ if (ses.newkeys->recv.algo_comp == DROPBEAR_COMP_ZLIB || ses.newkeys->recv.algo_comp == DROPBEAR_COMP_ZLIB_DELAY) { ses.newkeys->recv.zstream = (z_streamp)m_malloc(sizeof(z_stream)); - ses.newkeys->recv.zstream->zalloc = Z_NULL; - ses.newkeys->recv.zstream->zfree = Z_NULL; + ses.newkeys->recv.zstream->zalloc = dropbear_zalloc; + ses.newkeys->recv.zstream->zfree = dropbear_zfree; if (inflateInit(ses.newkeys->recv.zstream) != Z_OK) { - m_free(ses.newkeys->recv.zstream); dropbear_exit("zlib error"); } } else { @@ -424,8 +431,8 @@ if (ses.newkeys->trans.algo_comp == DROPBEAR_COMP_ZLIB || ses.newkeys->trans.algo_comp == DROPBEAR_COMP_ZLIB_DELAY) { ses.newkeys->trans.zstream = (z_streamp)m_malloc(sizeof(z_stream)); - ses.newkeys->trans.zstream->zalloc = Z_NULL; - ses.newkeys->trans.zstream->zfree = Z_NULL; + ses.newkeys->trans.zstream->zalloc = dropbear_zalloc; + ses.newkeys->trans.zstream->zfree = dropbear_zfree; if (deflateInit2(ses.newkeys->trans.zstream, Z_DEFAULT_COMPRESSION, Z_DEFLATED, DROPBEAR_ZLIB_WINDOW_BITS, diff -r 17104db7928c -r 9aa6cd66b51d dbmalloc.c --- a/dbmalloc.c Sun May 21 18:53:44 2017 +0800 +++ b/dbmalloc.c Mon May 22 22:09:26 2017 +0800 @@ -77,7 +77,9 @@ } void * m_calloc(size_t nmemb, size_t size) { - assert(nmemb <= 1000 && size <= 10000); + if (SIZE_T_MAX / nmemb < size) { + dropbear_exit("m_calloc failed"); + } return m_malloc(nmemb*size); } diff -r 17104db7928c -r 9aa6cd66b51d dbmalloc.h --- a/dbmalloc.h Sun May 21 18:53:44 2017 +0800 +++ b/dbmalloc.h Mon May 22 22:09:26 2017 +0800 @@ -4,7 +4,6 @@ #include "includes.h" void * m_malloc(size_t size); -/* m_calloc is limited in size, enough for libtomcrypt */ void * m_calloc(size_t nmemb, size_t size); void * m_strdup(const char * str); void * m_realloc(void* ptr, size_t size);