From e44fa2ba3e87bef7d32630111662341c0b0d2669 Mon Sep 17 00:00:00 2001
From: Kaspar Schleiser <kaspar@schleiser.de>
Date: Thu, 19 Nov 2020 09:55:13 +0100
Subject: [PATCH] sys/oneway-malloc: check calloc args

---
 sys/oneway-malloc/oneway-malloc.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sys/oneway-malloc/oneway-malloc.c b/sys/oneway-malloc/oneway-malloc.c
index c79a199cc6..fd3d13ca49 100644
--- a/sys/oneway-malloc/oneway-malloc.c
+++ b/sys/oneway-malloc/oneway-malloc.c
@@ -61,6 +61,11 @@ void __attribute__((weak)) *realloc(void *ptr, size_t size)
 
 void __attribute__((weak)) *calloc(size_t size, size_t cnt)
 {
+    /* ensure size * cnt doesn't overflow size_t */
+    if (cnt && size > (size_t)-1 / cnt) {
+        return NULL;
+    }
+
     void *mem = malloc(size * cnt);
     if (mem) {
         memset(mem, 0, size * cnt);