Description: Add mitigation for a potential heap-overflow on 32-bit systems
 Force intermediate values to uint64_t to catch the potential overflow
 This patch was adapted from the changes of the 17.11 upstream branch
Author: Gennaro Oliva <oliva.g@na.icar.cnr.it>
Bug-Debian: https://bugs.debian.org/920997
Origin: https://github.com/SchedMD/slurm/commit/750cc23edcc6fddfff21d33bdaf4fb7deb28cfda
Forwarded: no
Last-Update: 2019-02-12

--- a/src/common/xmalloc.c
+++ b/src/common/xmalloc.c
@@ -72,13 +72,17 @@ static void malloc_assert_failed(char *,
  *   clear (IN) initialize to zero
  *   RETURN	pointer to allocate heap space
  */
-void *slurm_xmalloc(size_t size, bool clear,
+void *slurm_xmalloc(uint64_t size, bool clear,
 		    const char *file, int line, const char *func)
 {
 	void *new;
 	size_t *p;
 	size_t total_size = size + 2 * sizeof(size_t);
 
+
+	if (size > 0xffffffff)
+		fatal("attempt at overflow");
+
 	if (clear)
 		p = calloc(1, total_size);
 	else
--- slurm-llnl-16.05.9.orig/src/common/xmalloc.h
+++ slurm-llnl-16.05.9/src/common/xmalloc.h
@@ -76,6 +76,8 @@
 #ifndef _XMALLOC_H
 #define _XMALLOC_H
 
+#include <stdint.h>
+
 #if HAVE_SYS_TYPES_H
 #  include <sys/types.h>
 #endif
@@ -83,13 +85,13 @@
 #include "macros.h"
 
 #define xmalloc(__sz) \
-	slurm_xmalloc (__sz, true, __FILE__, __LINE__, __CURRENT_FUNC__)
+	slurm_xmalloc ((uint64_t) __sz, true, __FILE__, __LINE__, __CURRENT_FUNC__)
 
 #define xmalloc_nz(__sz) \
-	slurm_xmalloc (__sz, false, __FILE__, __LINE__, __CURRENT_FUNC__)
+	slurm_xmalloc ((uint64_t) __sz, false, __FILE__, __LINE__, __CURRENT_FUNC__)
 
 #define try_xmalloc(__sz) \
-	slurm_try_xmalloc(__sz, __FILE__, __LINE__, __CURRENT_FUNC__)
+	slurm_try_xmalloc((uint64_t) __sz, __FILE__, __LINE__, __CURRENT_FUNC__)
 
 #define xfree(__p) \
 	slurm_xfree((void **)&(__p), __FILE__, __LINE__, __CURRENT_FUNC__)
@@ -109,7 +111,7 @@
 #define xsize(__p) \
 	slurm_xsize((void *)__p, __FILE__, __LINE__, __CURRENT_FUNC__)
 
-void *slurm_xmalloc(size_t, bool, const char *, int, const char *);
+void *slurm_xmalloc(uint64_t, bool, const char *, int, const char *);
 void *slurm_try_xmalloc(size_t , const char *, int , const char *);
 void slurm_xfree(void **, const char *, int, const char *);
 void *slurm_xrealloc(void **, size_t, bool, const char *, int, const char *);
--- slurm-llnl-16.05.9.orig/contribs/perlapi/libslurm/perl/slurm-perl.h
+++ slurm-llnl-16.05.9/contribs/perlapi/libslurm/perl/slurm-perl.h
@@ -17,7 +17,7 @@
 #endif
 
 extern void slurm_xfree(void **, const char *, int, const char *);
-extern void *slurm_xmalloc(size_t, bool, const char *, int, const char *);
+extern void *slurm_xmalloc(uint64_t, bool, const char *, int, const char *);
 
 extern void slurm_api_clear_config(void);
 
