Implement reallocarray()
Stateless and I stumbled upon this issue while discussing the semantics of read, which accepts a size_t but can only return an ssize_t, and so cannot report successful reads > SSIZE_MAX. The discussion went on and we came to the topic of input-based memory allocations. Basically, it was possible for the argument to a memory-allocation function to overflow, leading to a segfault later. The OpenBSD guys came up with the ingenious reallocarray function, and I implemented it as ereallocarray, which automatically returns on error. Read more about it here[0]. A simple testcase is this (courtesy of stateless):
$ sbase-strings -n (2^(32|64) / 4)
This will segfault before this patch and properly return an OOM situation afterwards (thanks to the overflow check in reallocarray). [0]: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/calloc.3
6
tr.c
6
tr.c
@@ -71,16 +71,16 @@ rstrmatch(Rune *r, char *s, size_t n)
|
||||
static size_t
|
||||
makeset(char *str, struct range **set, int (**check)(Rune))
|
||||
{
|
||||
Rune *rstr;
|
||||
Rune *rstr = NULL;
|
||||
size_t len, i, j, m, n;
|
||||
size_t q, setranges = 0;
|
||||
int factor, base;
|
||||
|
||||
/* rstr defines at most len ranges */
|
||||
unescape(str);
|
||||
rstr = emalloc((utflen(str) + 1) * sizeof(*rstr));
|
||||
rstr = ereallocarray(rstr, utflen(str) + 1, sizeof(*rstr));
|
||||
len = utftorunestr(str, rstr);
|
||||
*set = emalloc(len * sizeof(**set));
|
||||
*set = ereallocarray(*set, len, sizeof(**set));
|
||||
|
||||
for (i = 0; i < len; i++) {
|
||||
if (rstr[i] == '[') {
|
||||
|
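Review bot: `*set = ereallocarray(*set, len, sizeof(**set));` now hands the caller's current `*set` to a realloc-style function, so every caller must pass in either NULL or a pointer that came from the allocator; the `emalloc` line it replaces never read `*set`. `rstr` was given an explicit `= NULL` for exactly this reason, but nothing in the hunk shows that `*set` is initialised, and an uninitialised or non-heap pointer here would be undefined behaviour. If a fresh allocation is what is intended, `*set = ereallocarray(NULL, len, sizeof(**set));` keeps the overflow check without depending on the caller. It is also worth confirming how ereallocarray treats `len == 0`, since a zero-size realloc may legitimately return NULL and could then be mistaken for an allocation failure. makeset's body continues outside the hunk.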