diff options
| author | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-08-23 01:29:52 +0200 |
|---|---|---|
| committer | David Oberhollenzer <david.oberhollenzer@sigma-star.at> | 2019-08-23 02:06:31 +0200 |
| commit | 0a5383ccdf8e87d2259d02a9ff44420b3bc3f58d (patch) | |
| tree | b92fb06a065a201c0cd21aafd3ee265c847c9b84 | |
| parent | 8c8467a824c950fd1094e46a74c1f57048e5f099 (diff) | |
Add wrappers for calloc style functions with size overflow checking
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
| -rw-r--r-- | include/util.h | 16 | ||||
| -rw-r--r-- | lib/Makemodule.am | 2 | ||||
| -rw-r--r-- | lib/util/alloc.c | 54 |
3 files changed, 71 insertions, 1 deletions
diff --git a/include/util.h b/include/util.h index ae8c43c..ba95b03 100644 --- a/include/util.h +++ b/include/util.h @@ -115,4 +115,20 @@ int padd_file(int outfd, uint64_t size, size_t blocksize); */ uint32_t get_source_date_epoch(void); +/* + Helper for allocating data structures with flexible array members. + + 'base_size' is the size of the struct itself, 'item_size' the size of a + single array element and 'nmemb' the number of elements. + + Iternally checks for arithmetic overflows when allocating the combined thing. + */ +void *alloc_flex(size_t base_size, size_t item_size, size_t nmemb); + +/* Basically the same as calloc, but *ALWAYS* does overflow checking */ +void *alloc_array(size_t item_size, size_t nmemb); + +/* allocates len + 1 (for the null-terminator) and does overflow checking */ +void *alloc_string(size_t len); + #endif /* UTIL_H */ diff --git a/lib/Makemodule.am b/lib/Makemodule.am index 6301435..fb9d613 100644 --- a/lib/Makemodule.am +++ b/lib/Makemodule.am @@ -47,7 +47,7 @@ libutil_a_SOURCES += lib/util/read_data.c include/util.h libutil_a_SOURCES += lib/util/print_version.c lib/util/mkdir_p.c libutil_a_SOURCES += lib/util/str_table.c include/str_table.h libutil_a_SOURCES += lib/util/dirstack.c lib/util/padd_file.c -libutil_a_SOURCES += lib/util/read_data_at.c +libutil_a_SOURCES += lib/util/read_data_at.c lib/util/alloc.c libutil_a_SOURCES += lib/util/source_date_epoch.c libutil_a_CFLAGS = $(AM_CFLAGS) libutil_a_CPPFLAGS = $(AM_CPPFLAGS) diff --git a/lib/util/alloc.c b/lib/util/alloc.c new file mode 100644 index 0000000..2d748a7 --- /dev/null +++ b/lib/util/alloc.c @@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-3.0-or-later */ +/* + * alloc.c + * + * Copyright (C) 2019 David Oberhollenzer <goliath@infraroot.at> + */ +#include "config.h" + +#include "util.h" + +#include <stddef.h> +#include <stdlib.h> +#include <errno.h> + +void *alloc_flex(size_t base_size, size_t item_size, size_t nmemb) +{ + size_t size; + + if (SZ_MUL_OV(nmemb, item_size, &size)) { + errno = EOVERFLOW; + return NULL; + } + + if (SZ_ADD_OV(base_size, size, &size)) { + errno = EOVERFLOW; + return NULL; + } + + return calloc(1, size); +} + +void *alloc_array(size_t item_size, size_t nmemb) +{ + size_t size; + + if (SZ_MUL_OV(nmemb, item_size, &size)) { + errno = EOVERFLOW; + return NULL; + } + + return calloc(1, size); +} + +void *alloc_string(size_t len) +{ + size_t size; + + if (SZ_ADD_OV(len, 1, &size)) { + errno = EOVERFLOW; + return NULL; + } + + return calloc(1, len); +} |