Comment # 4 on bug 8722 from Guy Harris
(In reply to comment #1)
> I don't doubt you've found a bug, but g_malloc never returns NULL
Actually, sometimes it does, as its javadoc comment says:
/**
 * g_malloc:
 * @n_bytes: the number of bytes to allocate
 *
 * Allocates @n_bytes bytes of memory.
 * If @n_bytes is 0 it returns %NULL.
 *
 * Returns: a pointer to the allocated memory
 */
In 32-bit arithmetic, 0xffffffff+1 = 0, so if the length in question is
0xffffffff, it gets asked by the code in question to allocate 0 bytes, and
hence returns NULL.
The right thing to do here is probably to figure out what the right
tvb_ensure_bytes_exists() call, to perform *before* allocating the buffer, is,
so that a very large length throws a bounds error exception before the
g_malloc() call. (That would also prevent g_malloc() from calling abort() for
very large lengths that *aren't* 0xffffffff.)
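The wrap-around and the "check bounds before allocating" fix described in the comment above, as an added worked example (this is not Wireshark's or GLib's code, and not the patch for bug 8722). It assumes a hypothetical tvb_t struct and tvb_bytes_exist_stub() standing in for Wireshark's tvbuff and tvb_bytes_exist(), a gmalloc_like() allocator that only mimics the documented g_malloc() contract (0 bytes returns NULL, failure aborts), and two constructed packets consisting of a 4-byte big-endian length followed by string bytes, one of them carrying the length 0xffffffff.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical stand-in for a Wireshark tvbuff: one captured packet slice.
 * Not Wireshark's own tvbuff API. */
typedef struct {
    const uint8_t *data;
    uint32_t length;
} tvb_t;

/* Stand-in with the documented g_malloc() contract: 0 bytes returns NULL,
 * an allocation failure aborts the process. Not GLib's implementation. */
static void *gmalloc_like(size_t n_bytes)
{
    if (n_bytes == 0)
        return NULL;
    void *p = malloc(n_bytes);
    if (p == NULL)
        abort();
    return p;
}

/* The arithmetic the comment describes: an unsigned 32-bit length plus one.
 * 0xffffffff + 1 == 0 in 32-bit arithmetic. */
uint32_t plus_one_32(uint32_t len)
{
    return len + 1;
}

/* Stand-in for tvb_bytes_exist(): does [offset, offset + len) lie inside the
 * packet? Written so the check itself cannot overflow. */
int tvb_bytes_exist_stub(const tvb_t *tvb, uint32_t offset, uint32_t len)
{
    if (offset > tvb->length)
        return 0;
    return len <= tvb->length - offset;
}

/* Vulnerable pattern: allocate from the packet-controlled length before
 * checking it. For len == 0xffffffff the size wraps to 0 and the allocator
 * hands back NULL, which the real code then dereferences; for merely huge
 * lengths the allocator aborts instead. Returns 1 if NULL came back. */
int unchecked_alloc_yields_null(uint32_t len)
{
    char *buf = gmalloc_like(len + 1);
    if (buf == NULL)
        return 1;
    free(buf);
    return 0;
}

/* Fixed pattern: bounds-check the length against the packet *before*
 * allocating. Returns -1 for a bounds error (where a dissector would throw),
 * 0 on success with a NUL-terminated copy in *out that the caller frees. */
int read_string_checked(const tvb_t *tvb, uint32_t offset, uint32_t len, char **out)
{
    *out = NULL;
    if (!tvb_bytes_exist_stub(tvb, offset, len))
        return -1;
    /* len is now bounded by the packet size, so len + 1 cannot wrap;
     * widening to size_t first makes that explicit. */
    char *buf = gmalloc_like((size_t)len + 1);
    memcpy(buf, tvb->data + offset, len);
    buf[len] = '\0';
    *out = buf;
    return 0;
}

/* Dissect a constructed length-prefixed string field: 4-byte big-endian
 * length, then that many bytes. Returns -1 on bounds error, else the length. */
int dissect_lp_string(const tvb_t *tvb, uint32_t offset, char **out)
{
    if (!tvb_bytes_exist_stub(tvb, offset, 4))
        return -1;
    const uint8_t *p = tvb->data + offset;
    uint32_t len = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                   ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    if (read_string_checked(tvb, offset + 4, len, out) != 0)
        return -1;
    return (int)len;
}

/* Constructed packets, not captured traffic. */
static const uint8_t GOOD_PKT[] = { 0x00, 0x00, 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t EVIL_PKT[] = { 0xff, 0xff, 0xff, 0xff, 'x' };

/* Well-formed packet: returns the dissected length 5. */
int demo_good_packet(void)
{
    tvb_t tvb = { GOOD_PKT, sizeof GOOD_PKT };
    char *s = NULL;
    int n = dissect_lp_string(&tvb, 0, &s);
    int ok = (n == 5 && s != NULL && strcmp(s, "hello") == 0);
    free(s);
    return ok ? n : -2;
}

/* Length 0xffffffff: rejected by the bounds check before any allocation. */
int demo_evil_packet(void)
{
    tvb_t tvb = { EVIL_PKT, sizeof EVIL_PKT };
    char *s = NULL;
    int n = dissect_lp_string(&tvb, 0, &s);
    free(s);
    return n;
}

int main(void)
{
    printf("0xffffffff + 1 = 0x%x\n", plus_one_32(0xffffffffu));
    printf("unchecked alloc for 0xffffffff gives NULL: %d\n",
           unchecked_alloc_yields_null(0xffffffffu));
    printf("good packet -> %d, evil packet -> %d\n", demo_good_packet(), demo_evil_packet());
    return 0;
}
```

The point of ordering is the whole fix: once the length has been checked against the bytes actually present in the packet, it is bounded by the capture size, so neither the 0xffffffff wrap nor an abort on a multi-gigabyte allocation can be reached from the allocation that follows.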