From 309df784b1dcb82807e1aa3e020f7fda19c832cc Mon Sep 17 00:00:00 2001
From: pfg <pfg@FreeBSD.org>
Date: Sun, 16 Apr 2017 19:23:10 +0000
Subject: [PATCH] libjail: make allocation in jailparam_all() somewhat more
 robust.

Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarray(3).

This is all very unlikely to have any visible effect.

Reviewed by:	jamie
MFC after:	3 weeks
---
 lib/libjail/jail.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/libjail/jail.c b/lib/libjail/jail.c
index fd9bc58c97e3..2741ea8f6493 100644
--- a/lib/libjail/jail.c
+++ b/lib/libjail/jail.c
@@ -200,7 +200,7 @@ jailparam_all(struct jailparam **jpp)
 {
 	struct jailparam *jp, *tjp;
 	size_t mlen1, mlen2, buflen;
-	int njp, nlist;
+	unsigned njp, nlist;
 	int mib1[CTL_MAXNAME], mib2[CTL_MAXNAME - 2];
 	char buf[MAXPATHLEN];
 
@@ -250,7 +250,7 @@ jailparam_all(struct jailparam **jpp)
 		/* Add the parameter to the list */
 		if (njp >= nlist) {
 			nlist *= 2;
-			tjp = realloc(jp, nlist * sizeof(*jp));
+			tjp = reallocarray(jp, nlist, sizeof(*jp));
 			if (tjp == NULL)
 				goto error;
 			jp = tjp;
@@ -259,7 +259,7 @@ jailparam_all(struct jailparam **jpp)
 			goto error;
 		mib1[1] = 2;
 	}
-	jp = realloc(jp, njp * sizeof(*jp));
+	jp = reallocarray(jp, njp, sizeof(*jp));
 	*jpp = jp;
 	return (njp);