Avoid overflow in TableDirectory sanitize

This commit is contained in:
Behdad Esfahbod 2010-04-22 10:47:12 -04:00
parent fb5904ec93
commit 079dc40112
1 changed files with 1 additions and 1 deletions

View File

@ -111,7 +111,7 @@ typedef struct OffsetTable
public: public:
inline bool sanitize (SANITIZE_ARG_DEF, const void *base) { inline bool sanitize (SANITIZE_ARG_DEF, const void *base) {
TRACE_SANITIZE (); TRACE_SANITIZE ();
if (!(SANITIZE_SELF () && SANITIZE_MEM (tableDir, tableDir[0].get_size () * numTables))) return false; if (!(SANITIZE_SELF () && SANITIZE_ARRAY (tableDir, TableDirectory::get_size (), numTables))) return false;
unsigned int count = numTables; unsigned int count = numTables;
for (unsigned int i = 0; i < count; i++) for (unsigned int i = 0; i < count; i++)
if (!SANITIZE_BASE (tableDir[i], base)) if (!SANITIZE_BASE (tableDir[i], base))