* [PATCH 1/3] execute-tests: pacify compiler
@ 2021-04-21 18:11 Paul Eggert
2021-04-21 18:11 ` [PATCH 2/3] careadlinkat: avoid ptrdiff_t overflow Paul Eggert
2021-04-21 18:11 ` [PATCH 3/3] malloca: " Paul Eggert
0 siblings, 2 replies; 3+ messages in thread
From: Paul Eggert @ 2021-04-21 18:11 UTC (permalink / raw)
To: bug-gnulib; +Cc: Paul Eggert
* tests/test-execute-main.c (main): Use 0x7DEADBEE rather than
0xDEADBEEF for nonces, to avoid provoking AIX XLC compiler warning
that the latter is out of int range.
---
ChangeLog | 7 +++++++
tests/test-execute-main.c | 6 +++---
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index d2ea4e509..3aaee32bf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2021-04-21 Paul Eggert <eggert@cs.ucla.edu>
+
+ execute-tests: pacify compiler
+ * tests/test-execute-main.c (main): Use 0x7DEADBEE rather than
+ 0xDEADBEEF for nonces, to avoid provoking AIX XLC compiler warning
+ that the latter is out of int range.
+
2021-04-20 Paul Eggert <eggert@cs.ucla.edu>
malloc-gnu-tests, etc.: use volatile for clang
diff --git a/tests/test-execute-main.c b/tests/test-execute-main.c
index 944dcd1ee..a6a9fe406 100644
--- a/tests/test-execute-main.c
+++ b/tests/test-execute-main.c
@@ -132,7 +132,7 @@ main (int argc, char *argv[])
{
/* Check SIGPIPE handling with ignore_sigpipe = false. */
const char *prog_argv[3] = { prog_path, "3", NULL };
- int termsig = 0xDEADBEEF;
+ int termsig = 0x7DEADBEE;
int ret = execute (progname, prog_argv[0], prog_argv, NULL,
false, false, false, false, true, false, &termsig);
ASSERT (ret == 127);
@@ -145,7 +145,7 @@ main (int argc, char *argv[])
{
/* Check SIGPIPE handling with ignore_sigpipe = true. */
const char *prog_argv[3] = { prog_path, "4", NULL };
- int termsig = 0xDEADBEEF;
+ int termsig = 0x7DEADBEE;
int ret = execute (progname, prog_argv[0], prog_argv, NULL,
true, false, false, false, true, false, &termsig);
ASSERT (ret == 0);
@@ -157,7 +157,7 @@ main (int argc, char *argv[])
{
/* Check other signal. */
const char *prog_argv[3] = { prog_path, "5", NULL };
- int termsig = 0xDEADBEEF;
+ int termsig = 0x7DEADBEE;
int ret = execute (progname, prog_argv[0], prog_argv, NULL,
false, false, false, false, true, false, &termsig);
ASSERT (ret == 127);
--
2.27.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/3] careadlinkat: avoid ptrdiff_t overflow
2021-04-21 18:11 [PATCH 1/3] execute-tests: pacify compiler Paul Eggert
@ 2021-04-21 18:11 ` Paul Eggert
2021-04-21 18:11 ` [PATCH 3/3] malloca: " Paul Eggert
1 sibling, 0 replies; 3+ messages in thread
From: Paul Eggert @ 2021-04-21 18:11 UTC (permalink / raw)
To: bug-gnulib; +Cc: Paul Eggert
* lib/careadlinkat.c: Include idx.h, minmax.h.
(readlink_stk): Avoid ptrdiff_t overflow in object allocation.
Since this module uses arbitrary allocators (including
stdlib_allocator), it cannot assume GNU malloc semantics.
* modules/careadlinkat (Depends-on): Add idx, minmax.
---
ChangeLog | 7 +++++++
lib/careadlinkat.c | 28 +++++++++++-----------------
modules/careadlinkat | 2 ++
3 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 3aaee32bf..1e6cbd07f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
2021-04-21 Paul Eggert <eggert@cs.ucla.edu>
+ careadlinkat: avoid ptrdiff_t overflow
+ * lib/careadlinkat.c: Include idx.h, minmax.h.
+ (readlink_stk): Avoid ptrdiff_t overflow in object allocation.
+ Since this module uses arbitrary allocators (including
+ stdlib_allocator), it cannot assume GNU malloc semantics.
+ * modules/careadlinkat (Depends-on): Add idx, minmax.
+
execute-tests: pacify compiler
* tests/test-execute-main.c (main): Use 0x7DEADBEE rather than
0xDEADBEEF for nonces, to avoid provoking AIX XLC compiler warning
diff --git a/lib/careadlinkat.c b/lib/careadlinkat.c
index 18cfc114b..d833a0bce 100644
--- a/lib/careadlinkat.c
+++ b/lib/careadlinkat.c
@@ -22,6 +22,9 @@
#include "careadlinkat.h"
+#include "idx.h"
+#include "minmax.h"
+
#include <errno.h>
#include <limits.h>
#include <string.h>
@@ -65,11 +68,6 @@ readlink_stk (int fd, char const *filename,
ssize_t (*preadlinkat) (int, char const *, char *, size_t),
char stack_buf[STACK_BUF_SIZE])
{
- char *buf;
- size_t buf_size;
- size_t buf_size_max =
- SSIZE_MAX < SIZE_MAX ? (size_t) SSIZE_MAX + 1 : SIZE_MAX;
-
if (! alloc)
alloc = &stdlib_allocator;
@@ -79,14 +77,14 @@ readlink_stk (int fd, char const *filename,
buffer_size = STACK_BUF_SIZE;
}
- buf = buffer;
- buf_size = buffer_size;
+ char *buf = buffer;
+ idx_t buf_size_max = MIN (IDX_MAX, MIN (SSIZE_MAX, SIZE_MAX));
+ idx_t buf_size = MIN (buffer_size, buf_size_max);
while (buf)
{
/* Attempt to read the link into the current buffer. */
- ssize_t link_length = preadlinkat (fd, filename, buf, buf_size);
- size_t link_size;
+ idx_t link_length = preadlinkat (fd, filename, buf, buf_size);
if (link_length < 0)
{
if (buf != buffer)
@@ -98,7 +96,7 @@ readlink_stk (int fd, char const *filename,
return NULL;
}
- link_size = link_length;
+ idx_t link_size = link_length;
if (link_size < buf_size)
{
@@ -127,17 +125,13 @@ readlink_stk (int fd, char const *filename,
if (buf != buffer)
alloc->free (buf);
- if (buf_size < buf_size_max / 2)
- buf_size = 2 * buf_size + 1;
- else if (buf_size < buf_size_max)
- buf_size = buf_size_max;
- else if (buf_size_max < SIZE_MAX)
+ if (buf_size_max / 2 <= buf_size)
{
errno = ENAMETOOLONG;
return NULL;
}
- else
- break;
+
+ buf_size = 2 * buf_size + 1;
buf = alloc->allocate (buf_size);
}
diff --git a/modules/careadlinkat b/modules/careadlinkat
index 3f49aaecd..b3375a9b2 100644
--- a/modules/careadlinkat
+++ b/modules/careadlinkat
@@ -7,6 +7,8 @@ lib/careadlinkat.h
Depends-on:
allocator
+idx
+minmax
ssize_t
unistd
--
2.27.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 3/3] malloca: avoid ptrdiff_t overflow
2021-04-21 18:11 [PATCH 1/3] execute-tests: pacify compiler Paul Eggert
2021-04-21 18:11 ` [PATCH 2/3] careadlinkat: avoid ptrdiff_t overflow Paul Eggert
@ 2021-04-21 18:11 ` Paul Eggert
1 sibling, 0 replies; 3+ messages in thread
From: Paul Eggert @ 2021-04-21 18:11 UTC (permalink / raw)
To: bug-gnulib; +Cc: Paul Eggert
* lib/malloca.c: Include idx.h, intprops.h.
(mmalloca): Check for ptrdiff_t overflow. Since this module uses
_GL_USE_STDLIB_ALLOC, it cannot assume GNU malloc semantics.
* modules/malloca (Depends-on): Add idx, intprops.
---
ChangeLog | 6 ++++++
lib/malloca.c | 8 +++++---
modules/malloca | 2 ++
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 1e6cbd07f..e72362077 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2021-04-21 Paul Eggert <eggert@cs.ucla.edu>
+ malloca: avoid ptrdiff_t overflow
+ * lib/malloca.c: Include idx.h, intprops.h.
+ (mmalloca): Check for ptrdiff_t overflow. Since this module uses
+ _GL_USE_STDLIB_ALLOC, it cannot assume GNU malloc semantics.
+ * modules/malloca (Depends-on): Add idx, intprops.
+
careadlinkat: avoid ptrdiff_t overflow
* lib/careadlinkat.c: Include idx.h, minmax.h.
(readlink_stk): Avoid ptrdiff_t overflow in object allocation.
diff --git a/lib/malloca.c b/lib/malloca.c
index f4ee1563b..4077bf708 100644
--- a/lib/malloca.c
+++ b/lib/malloca.c
@@ -21,6 +21,8 @@
/* Specification. */
#include "malloca.h"
+#include "idx.h"
+#include "intprops.h"
#include "verify.h"
/* The speed critical point in this file is freea() applied to an alloca()
@@ -45,9 +47,9 @@ mmalloca (size_t n)
#if HAVE_ALLOCA
/* Allocate one more word, used to determine the address to pass to freea(),
and room for the alignment ≡ sa_alignment_max mod 2*sa_alignment_max. */
- size_t nplus = n + sizeof (small_t) + 2 * sa_alignment_max - 1;
-
- if (nplus >= n)
+ int plus = sizeof (small_t) + 2 * sa_alignment_max - 1;
+ idx_t nplus;
+ if (!INT_ADD_WRAPV (n, plus, &nplus) && !xalloc_oversized (nplus, 1))
{
char *mem = (char *) malloc (nplus);
diff --git a/modules/malloca b/modules/malloca
index 9b7a3dbd2..346d33251 100644
--- a/modules/malloca
+++ b/modules/malloca
@@ -9,6 +9,8 @@ m4/eealloc.m4
Depends-on:
alloca-opt
+idx
+intprops
stdint
verify
xalloc-oversized
--
2.27.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-04-21 18:13 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-21 18:11 [PATCH 1/3] execute-tests: pacify compiler Paul Eggert
2021-04-21 18:11 ` [PATCH 2/3] careadlinkat: avoid ptrdiff_t overflow Paul Eggert
2021-04-21 18:11 ` [PATCH 3/3] malloca: " Paul Eggert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).