aboutsummaryrefslogtreecommitdiff
path: root/winsup/mingw/mingwex
diff options
context:
space:
mode:
authorChris Sutcliffe <ir0nh34d@users.sourceforge.net>2009-11-28 05:28:35 +0000
committerChris Sutcliffe <ir0nh34d@users.sourceforge.net>2009-11-28 05:28:35 +0000
commitbde36356692163b178279784cc631889399dbcfc (patch)
tree7e4206b306104ed674c6ba5ed337711f41ce9bcc /winsup/mingw/mingwex
parent575e8668bdda3a16dcc03adccb02944e75cb023b (diff)
downloadnewlib-bde36356692163b178279784cc631889399dbcfc.zip
newlib-bde36356692163b178279784cc631889399dbcfc.tar.gz
newlib-bde36356692163b178279784cc631889399dbcfc.tar.bz2
2009-11-25 Chris Sutcliffe <ir0nh34d@users.sourceforge.net>
* mingwex/gdtoa/misc.c: Fix security vulnerability in gdtoa: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
Diffstat (limited to 'winsup/mingw/mingwex')
-rwxr-xr-xwinsup/mingw/mingwex/gdtoa/misc.c36
1 files changed, 35 insertions, 1 deletions
diff --git a/winsup/mingw/mingwex/gdtoa/misc.c b/winsup/mingw/mingwex/gdtoa/misc.c
index 35f9a6e..49934c4 100755
--- a/winsup/mingw/mingwex/gdtoa/misc.c
+++ b/winsup/mingw/mingwex/gdtoa/misc.c
@@ -135,6 +135,8 @@ Bigint *Balloc (int k)
x = 1 << k;
#ifdef Omit_Private_Memory
rv = (Bigint *)MALLOC(sizeof(Bigint) + (x-1)*sizeof(ULong));
+ if (rv == NULL)
+ return NULL;
#else
len = (sizeof(Bigint) + (x-1)*sizeof(ULong) + sizeof(double) - 1)
/sizeof(double);
@@ -143,7 +145,11 @@ Bigint *Balloc (int k)
pmem_next += len;
}
else
+ {
rv = (Bigint*)MALLOC(len*sizeof(double));
+ if (rv == NULL)
+ return NULL;
+ }
#endif
rv->k = k;
rv->maxwds = x;
@@ -255,6 +261,8 @@ Bigint *multadd (Bigint *b, int m, int a) /* multiply by m and add a */
if (carry) {
if (wds >= b->maxwds) {
b1 = Balloc(b->k+1);
+ if (b1 == NULL)
+ return NULL;
Bcopy(b1, b);
Bfree(b);
b = b1;
@@ -303,6 +311,8 @@ Bigint *i2b (int i)
Bigint *b;
b = Balloc(1);
+ if (b == NULL)
+ return NULL;
b->x[0] = i;
b->wds = 1;
return b;
@@ -335,6 +345,8 @@ Bigint *mult (Bigint *a, Bigint *b)
if (wc > a->maxwds)
k++;
c = Balloc(k);
+ if (c == NULL)
+ return NULL;
for(x = c->x, xa = x + wc; x < xa; x++)
*x = 0;
xa = a->x;
@@ -417,7 +429,11 @@ Bigint *pow5mult (Bigint *b, int k)
static int p05[3] = { 5, 25, 125 };
if ( (i = k & 3) !=0)
- b = multadd(b, p05[i-1], 0);
+ {
+ b = multadd(b, p05[i-1], 0);
+ if (b == NULL)
+ return NULL;
+ }
if (!(k >>= 2))
return b;
@@ -427,17 +443,23 @@ Bigint *pow5mult (Bigint *b, int k)
ACQUIRE_DTOA_LOCK(1);
if (!(p5 = p5s)) {
p5 = p5s = i2b(625);
+ if (p5 == NULL)
+ return NULL;
p5->next = 0;
}
FREE_DTOA_LOCK(1);
#else
p5 = p5s = i2b(625);
+ if (p5 == NULL)
+ return NULL;
p5->next = 0;
#endif
}
for(;;) {
if (k & 1) {
b1 = mult(b, p5);
+ if (b1 == NULL)
+ return NULL;
Bfree(b);
b = b1;
}
@@ -448,11 +470,15 @@ Bigint *pow5mult (Bigint *b, int k)
ACQUIRE_DTOA_LOCK(1);
if (!(p51 = p5->next)) {
p51 = p5->next = mult(p5,p5);
+ if (p51 == NULL)
+ return NULL;
p51->next = 0;
}
FREE_DTOA_LOCK(1);
#else
p51 = p5->next = mult(p5,p5);
+ if (p51 == NULL)
+ return NULL;
p51->next = 0;
#endif
}
@@ -473,6 +499,8 @@ Bigint *lshift (Bigint *b, int k)
for(i = b->maxwds; n1 > i; i <<= 1)
k1++;
b1 = Balloc(k1);
+ if (b1 == NULL)
+ return NULL;
x1 = b1->x;
for(i = 0; i < n; i++)
*x1++ = 0;
@@ -552,6 +580,8 @@ Bigint *diff (Bigint *a, Bigint *b)
i = cmp(a,b);
if (!i) {
c = Balloc(0);
+ if (c == NULL)
+ return NULL;
c->wds = 1;
c->x[0] = 0;
return c;
@@ -565,6 +595,8 @@ Bigint *diff (Bigint *a, Bigint *b)
else
i = 0;
c = Balloc(a->k);
+ if (c == NULL)
+ return NULL;
c->sign = i;
wa = a->wds;
xa = a->x;
@@ -693,6 +725,8 @@ Bigint *d2b (double dd, int *e, int *bits)
#else
b = Balloc(2);
#endif
+ if (b == NULL)
+ return NULL;
x = b->x;
z = d0 & Frac_mask;