From f6622d70f8b0a938a03394c3a242f7735266ff66 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Tue, 4 Jan 2011 16:56:20 +0000
Subject: [PATCH] ITS#6733

---
 CHANGES                    | 1 +
 libraries/liblber/memory.c | 8 +++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 3d76add8e2..f9283e2b86 100644
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,7 @@ OpenLDAP 2.4.24 Engineering
 	Added slapd-sql support for long long keys (ITS#6617)
 	Fixed liblber to not close invalid sockets (ITS#6585)
 	Fixed liblber error setting (ITS#6732)
+	Fixed liblber memory debugging (ITS#6733)
 	Fixed libldap dnssrv port format specifier (ITS#6644)
 	Fixed libldap EOF handling (ITS#6723)
 	Fixed libldap GnuTLS hang on socket close (ITS#6673)
diff --git a/libraries/liblber/memory.c b/libraries/liblber/memory.c
index 8712031dc5..ae063c99d1 100644
--- a/libraries/liblber/memory.c
+++ b/libraries/liblber/memory.c
@@ -62,9 +62,9 @@ struct ber_mem_hdr {
 };
 
 /* Pattern at top of allocated space */
-#define LBER_MEM_JUNK 0xdeaddadaU
+#define LBER_MEM_JUNK ((ber_int_t) 0xdeaddada)
 
-static const struct ber_mem_hdr ber_int_mem_hdr = { LBER_MEM_JUNK, 0, 0 };
+static const struct ber_mem_hdr ber_int_mem_hdr = { LBER_MEM_JUNK };
 
 /* Note sequence and ber_int_meminuse are counters, but are not
  * thread safe.  If you want to use these values for multithreaded applications,
@@ -256,7 +256,9 @@ ber_memcalloc_x( ber_len_t n, ber_len_t s, void *ctx )
 
 	if( ber_int_memory_fns == NULL || ctx == NULL ) {
 #ifdef LDAP_MEMORY_DEBUG
-		new = calloc(1, n*s + sizeof(struct ber_mem_hdr) + sizeof(ber_int_t));
+		new = n < (-sizeof(struct ber_mem_hdr) - sizeof(ber_int_t)) / s
+			? calloc(1, n*s + sizeof(struct ber_mem_hdr) + sizeof(ber_int_t))
+			: NULL;
 		if( new )
 		{
 		struct ber_mem_hdr *mh = new;
-- 
GitLab