Internal change

protobuf-github-bot · copybara-github · commit fdb9018e87a2 · 2025-03-12T15:50:17.000-07:00
PiperOrigin-RevId: 736203959
diff --git a/upb/mini_descriptor/decode.c b/upb/mini_descriptor/decode.c
@@ -495,6 +495,9 @@ static void upb_MtDecoder_ParseMessage(upb_MtDecoder* d, const char* data,
                                        size_t len) {
   // Buffer length is an upper bound on the number of fields. We will return
   // what we don't use.
+  if (SIZE_MAX / sizeof(*d->fields) < len) {
+    upb_MdDecoder_ErrorJmp(&d->base, "Out of memory");
+  }
   d->fields = upb_Arena_Malloc(d->arena, sizeof(*d->fields) * len);
   upb_MdDecoder_CheckOutOfMemory(&d->base, d->fields);
 
diff --git a/upb/reflection/enum_value_def.c b/upb/reflection/enum_value_def.c
@@ -7,12 +7,16 @@
 
 #include "upb/reflection/internal/enum_value_def.h"
 
+#include <stddef.h>
 #include <stdint.h>
+#include <stdlib.h>
 
+#include "upb/base/string_view.h"
+#include "upb/mem/arena.h"
+#include "upb/reflection/def.h"
 #include "upb/reflection/def_type.h"
 #include "upb/reflection/enum_def.h"
 #include "upb/reflection/enum_value_def.h"
-#include "upb/reflection/file_def.h"
 #include "upb/reflection/internal/def_builder.h"
 #include "upb/reflection/internal/enum_def.h"
 
@@ -41,7 +45,8 @@ static int _upb_EnumValueDef_Compare(const void* p1, const void* p2) {
 }
 
 const upb_EnumValueDef** _upb_EnumValueDefs_Sorted(const upb_EnumValueDef* v,
-                                                   int n, upb_Arena* a) {
+                                                   size_t n, upb_Arena* a) {
+  if (SIZE_MAX / sizeof(void*) < n) return NULL;
   // TODO: Try to replace this arena alloc with a persistent scratch buffer.
   upb_EnumValueDef** out =
       (upb_EnumValueDef**)upb_Arena_Malloc(a, n * sizeof(void*));
diff --git a/upb/reflection/internal/enum_value_def.h b/upb/reflection/internal/enum_value_def.h
@@ -27,7 +27,7 @@ upb_EnumValueDef* _upb_EnumValueDefs_New(
     bool* is_sorted);
 
 const upb_EnumValueDef** _upb_EnumValueDefs_Sorted(const upb_EnumValueDef* v,
-                                                   int n, upb_Arena* a);
+                                                   size_t n, upb_Arena* a);
 
 #ifdef __cplusplus
 } /* extern "C" */
