Project

General

Profile

Actions
Copy link

Bug #2130

open

malloc(SIZE_MAX) returns a buffer sized for 0.

Added by vsrinivas about 10 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
6.2
Start date:
Due date:
% Done:

0%

Estimated time:

Description

malloc(SIZE_MAX) returns a buffer sized for 0 bytes on i386; this is because the
addition and mask on nmalloc.c line 824 can overflow.

No data to display

Actions
Copy link

Also available in: Atom PDF