X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Fxmalloca.h;h=bd4c5a91764e576618bf499054ccbb1c4e505348;hb=3d986f521cac261e29c043be50bb626f7641d841;hp=286e85a86506fe70e51493da893787a43d2fae7e;hpb=57fdfd3f8ec62b105c53bcdf6f127c35c7fe7391;p=gnulib.git

diff --git a/lib/xmalloca.h b/lib/xmalloca.h
index 286e85a86..bd4c5a917 100644
--- a/lib/xmalloca.h
+++ b/lib/xmalloca.h
@@ -19,6 +19,7 @@
 #define _XMALLOCA_H
 
 #include "malloca.h"
+#include "xalloc.h"
 
 
 #ifdef __cplusplus
@@ -27,7 +28,7 @@ extern "C" {
 
 
 /* xmalloca(N) is a checking safe variant of alloca(N).  It allocates N bytes
-   of memory allocated on the stack, that must be freed using freesa() before
+   of memory allocated on the stack, that must be freed using freea() before
    the function returns.  Upon failure, it exits with an error message.  */
 #if HAVE_ALLOCA
 # define xmalloca(N) \
@@ -40,9 +41,19 @@ extern void * xmmalloca (size_t n);
   xmalloc (N)
 #endif
 
-/* Maybe we should also define a variant
-    xnmalloca (size_t n, size_t s) - behaves like xmalloca (n * s)
-   If this would be useful in your application. please speak up.  */
+/* xnmalloca(N,S) is an overflow-safe variant of xmalloca (N * S).
+   It allocates an array of N objects, each with S bytes of memory,
+   on the stack.  S must be positive and N must be nonnegative.
+   The array must be freed using freea() before the function returns.
+   Upon failure, it exits with an error message.  */
+#if HAVE_ALLOCA
+/* Rely on xmalloca (SIZE_MAX) calling xalloc_die ().  */
+# define xnmalloca(n, s) \
+    xmalloca (xalloc_oversized ((n), (s)) ? (size_t) (-1) : (n) * (s))
+#else
+# define xnmalloca(n, s) \
+    xnmalloc ((n), (s))
+#endif
 
 
 #ifdef __cplusplus