malloc and buffer overflow attacks

Walter Bright newshound2 at
Fri Dec 31 20:12:45 UTC 2021

On 12/30/2021 4:37 PM, sarn wrote:
> Good thing to do, but Walter's talking about integer overflow with the `len * 
> T.sizeof` calculation itself.
> calloc() doesn't have this problem.

The calculation of `len` can also have overflow problems. `calloc` is not 
sufficient. The provenance of `len` needs to be carefully checked.

More information about the Digitalmars-d mailing list