Check all calloc/malloc return values. Closes #252.

maxmind · Feb 17, 2021 · ec946c1 · ec946c1
1 parent 367ffaa
commit ec946c1
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 0 deletions.
diff --git a/Changes.md b/Changes.md
@@ -1,5 +1,9 @@
 ## 1.5.1
 
+* With `libmaxminddb` on Windows and `mmdblookup` generally, there were
+  instances where the return value of `calloc` was not checked, which could
+  lead to issues in low memory situations or when resource limits had been
+  set. Reported by cve-reporting. GitHub #252.
 * The formatting of the manpages has been improved and the script that
   generates them now supports `lowdown` in addition to `pandoc`. Pull request
   by Faidon Liambotis. GitHub #248.

diff --git a/bin/mmdblookup.c b/bin/mmdblookup.c
@@ -296,6 +296,10 @@ static const char **get_options(int argc,
 
     const char **lookup_path =
         calloc((argc - optind) + 1, sizeof(const char *));
+    if (!lookup_path) {
+        fprintf(stderr, "calloc(): %s\n", strerror(errno));
+        exit(1);
+    }
     int i;
     for (i = 0; i < argc - optind; i++) {
         lookup_path[i] = argv[i + optind];

diff --git a/src/maxminddb.c b/src/maxminddb.c
@@ -333,6 +333,9 @@ int MMDB_open(const char *const filename, uint32_t flags, MMDB_s *const mmdb) {
 static LPWSTR utf8_to_utf16(const char *utf8_str) {
     int wide_chars = MultiByteToWideChar(CP_UTF8, 0, utf8_str, -1, NULL, 0);
     wchar_t *utf16_str = (wchar_t *)calloc(wide_chars, sizeof(wchar_t));
+    if (!utf16_str) {
+        return NULL;
+    }
 
     if (MultiByteToWideChar(CP_UTF8, 0, utf8_str, -1, utf16_str, wide_chars) <
         1) {

diff --git a/t/basic_lookup_t.c b/t/basic_lookup_t.c
@@ -38,6 +38,9 @@ void test_one_result(MMDB_s *mmdb,
         // something like "::1.2.3.4", not just "1.2.3.4".
         int maxlen = strlen(expect) + 3;
         real_expect = malloc(maxlen);
+        if (!real_expect) {
+            BAIL_OUT("could not allocate memory");
+        }
         snprintf(real_expect, maxlen, "::%s", expect);
     }
 

diff --git a/t/threads_t.c b/t/threads_t.c
@@ -66,6 +66,9 @@ void *run_one_thread(void *arg) {
     const char *ip = thread_arg->ip_to_lookup;
 
     test_result_s *result = malloc(sizeof(test_result_s));
+    if (!result) {
+        BAIL_OUT("could not allocate memory");
+    }
     test_one_ip(mmdb, ip, result);
 
     pthread_exit((void *)result);