Fix: Pointer overflow check
When checking for integer overflow, you may often write tests like `p + i < p`. This works fine if `p` and `i` are unsigned integers, since any overflow in the addition will cause the value to simply "wrap around." However, using this pattern when `p` is a pointer is problematic because pointer overflow has undefined behavior according to the C and C++ standards. If the addition overflows and has an undefined result, the comparison will likewise be undefined; it may produce an unintended result, or may be deleted entirely by an optimizing compiler.

In this case the overflow check is not necessary, as `realloc()` was used to reallocate the pointer. In case of an overflow, `realloc()` returns a new pointer location, which is already used here.
Kraemii committed May 31, 2023
1 parent 34745e8 commit 4f9ccd9
Showing 1 changed file with 0 additions and 4 deletions.
4 changes: 0 additions & 4 deletions samba/lib/util/data_blob.c
Expand Up @@ -215,10 +215,6 @@ _PUBLIC_ NTSTATUS data_blob_append(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
if (new_len < length || new_len < old_len) {
return NT_STATUS_NO_MEMORY;
}

if ((const uint8_t *)p + length < (const uint8_t *)p) {
return NT_STATUS_NO_MEMORY;
}

status = data_blob_realloc(mem_ctx, blob, new_len);
if (!NT_STATUS_IS_OK(status)) {
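Review bot: The removed test was on `p`, the source pointer, while the call that follows, `data_blob_realloc(mem_ctx, blob, new_len)`, reallocates `blob`, so the reallocation cannot be what makes the check unnecessary. Dropping `(const uint8_t *)p + length < (const uint8_t *)p` is still reasonable, because the comparison depends on undefined pointer overflow and an optimizing compiler may delete it, but the size arithmetic is actually guarded by the retained unsigned test `new_len < length || new_len < old_len`. Any guarantee about the `length` bytes at `p` has to come from the caller contract. Suggest adding a short comment above the retained test saying that it is the overflow guard for the new length, documenting the requirement on `p` and `length`, and rewording the commit message to match.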