From 0869f561c62fd3200f8fe95c3f7ae1a3ee9211bf Mon Sep 17 00:00:00 2001
From: Stathis Kamperis <ekamperi@auth.gr>
Date: Thu, 5 Jun 2008 11:33:10 +0300
Subject: [PATCH] Validate maxlogsize against max value a size_t can hold

---
 buddy/mpool.c | 3 +++
 buddy/mpool.h | 3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/buddy/mpool.c b/buddy/mpool.c
index 7e95fa7..1741a66 100644
--- a/buddy/mpool.c
+++ b/buddy/mpool.c
@@ -7,6 +7,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <limits.h>    /* for CHAR_BIT */
 
 #include "mpool.h"
 
@@ -19,6 +20,8 @@ mpret_t mpool_init(mpool_t **mpool, size_t maxlogsize, size_t minlogsize)
     size_t i;
 
     /* Validate input */
+    if (maxlogsize > sizeof(size_t) * CHAR_BIT)
+        return MPOOL_ERANGE;
     if (maxlogsize < minlogsize || (size_t)(1 << minlogsize) <= sizeof *pblknode)
         return MPOOL_EBADVAL;
 
diff --git a/buddy/mpool.h b/buddy/mpool.h
index 5dd7cbf..4236870 100644
--- a/buddy/mpool.h
+++ b/buddy/mpool.h
@@ -85,7 +85,8 @@ typedef struct blkhead blkhead_t;
 typedef enum {
     MPOOL_OK,
     MPOOL_EBADVAL,
-    MPOOL_ENOMEM
+    MPOOL_ENOMEM,
+    MPOOL_ERANGE
 } mpret_t;
 
 /* Function prototypes */
-- 
2.11.4.GIT