From 7656b3500d4f6273e7a5eee05c01fe56386dcda4 Mon Sep 17 00:00:00 2001
From: Poul-Henning Kamp
Date: Thu, 30 Jan 2003 15:00:17 +0000
Subject: [PATCH] Catch some cases where asking for ridiculously large allocations could result in a segfault. Instead just return NULL.
---
 lib/libc/stdlib/malloc.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c
index 3cd58f75bd4..2f890303ea9 100644
--- a/lib/libc/stdlib/malloc.c
+++ b/lib/libc/stdlib/malloc.c
@@ -326,6 +326,8 @@ map_pages(size_t pages)
 result = (caddr_t)pageround((u_long)sbrk(0));
 tail = result + (pages << malloc_pageshift);
+ if (tail < result)
+ return 0;
 if (brk(tail)) {
 #ifdef EXTRA_SANITY
@@ -745,6 +747,8 @@ imalloc(size_t size)
 if ((size + malloc_pagesize) < size) /* Check for overflow */
 result = 0;
+ else if ((size + malloc_pagesize) >= (uintptr_t)page_dir)
+ result = 0;
 else if (size <= malloc_maxsize)
 result = malloc_bytes(size);
 else
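Review bot: In map_pages the added `if (tail < result)` guard only works if the pointer addition wraps around, which C leaves undefined, so an optimizing compiler is allowed to drop the test. It also cannot notice high bits already discarded by `pages << malloc_pageshift`, which could leave `tail` above `result` for a much smaller mapping than was asked for. Whether any caller can pass such a page count is not visible in this hunk. Doing the check on integers before forming `tail` keeps it well defined, for example `if (pages > (SIZE_MAX >> malloc_pageshift) || (uintptr_t)result + (pages << malloc_pageshift) < (uintptr_t)result) return 0;`. The body of map_pages starts and ends outside the hunk.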
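Review bot: The new `else if` branch in imalloc uses the address of `page_dir` as an upper bound on a request size, and nothing on the line says why that address is a meaningful limit. A short comment would stop a later reader from taking it for a typo, for example `/* a request this large cannot fit below the page directory */`, if that is indeed the intent. The cast is `(uintptr_t)` here while the map_pages hunk uses `(u_long)` for the same pointer-to-integer conversion, so one spelling should be used in both places. The `if`/`else` chain in imalloc continues past the end of the hunk.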