Fix potential integer overflow vulnerability when allocating memory

dkjsone · dkjsone · commit 6feb9997acf1 · 2025-10-24T16:22:52.000+08:00
diff --git a/libsrc/attr.m4 b/libsrc/attr.m4
@@ -88,6 +88,9 @@ new_x_NC_attr(
 
 	assert(!(xsz == 0 && nelems != 0));
 
+	if(sz > SIZE_MAX -xsz)
+		return NULL;
+
 	sz += xsz;
 
 	attrp = (NC_attr *) malloc(sz);
