Mercurial > dovecot > core-2.2
annotate src/lib/malloc-overflow.h @ 23007:36e01285b5b8
lib: buffer - Improve header comment for buffer_insert() and buffer_delete().
| author | Stephan Bosch <stephan.bosch@dovecot.fi> |
|---|---|
| date | Mon, 18 Mar 2019 00:52:37 +0100 |
| parents | bc9fe0a33b0a |
| children |
| rev | line source |
|---|---|
|
21319
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
1 #ifndef MALLOC_OVERFLOW_H |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
2 #define MALLOC_OVERFLOW_H |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
3 |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
4 /* MALLOC_*() can be used to calculate memory allocation sizes. If there's an |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
5 overflow, it'll cleanly panic instead of causing a potential buffer |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
6 overflow. |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
7 |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
8 Note that *_malloc(size+1) doesn't need to use MALLOC_ADD(size, 1). It wraps |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
9 to size==0 and the *_malloc() calls already panic if size==0. */ |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
10 static inline size_t |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
11 malloc_multiply_check(size_t a, size_t b, size_t sizeof_a, size_t sizeof_b, |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
12 const char *fname, unsigned int linenum) |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
13 { |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
14 /* the first sizeof-checks are intended to optimize away this entire |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
15 if-check for types that are small enough to never wrap size_t. */ |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
16 if ((sizeof_a * 2 > sizeof(size_t) || sizeof_b * 2 > sizeof(size_t)) && |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
17 b != 0 && (a > SIZE_MAX / b)) { |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
18 i_panic("file %s: line %d: memory allocation overflow: " |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
19 "%" PRIuSIZE_T" * %" PRIuSIZE_T, fname, linenum, a, b); |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
20 } |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
21 return a * b; |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
22 } |
|
21509
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
23 #ifndef STATIC_CHECKER |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
24 # define MALLOC_MULTIPLY(a, b) \ |
|
21319
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
25 malloc_multiply_check(a, b, sizeof(a), sizeof(b), __FILE__, __LINE__) |
|
21509
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
26 #else |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
27 /* avoid warning every time about sizeof(b) when b contains any arithmetic */ |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
28 # define MALLOC_MULTIPLY(a, b) \ |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
29 malloc_multiply_check(a, b, sizeof(a), sizeof(size_t), __FILE__, __LINE__) |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
30 #endif |
|
21319
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
31 |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
32 static inline size_t |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
33 malloc_add_check(size_t a, size_t b, size_t sizeof_a, size_t sizeof_b, |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
34 const char *fname, unsigned int linenum) |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
35 { |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
36 /* the first sizeof-checks are intended to optimize away this entire |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
37 if-check for types that are small enough to never wrap size_t. */ |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
38 if ((sizeof_a >= sizeof(size_t) || sizeof_b >= sizeof(size_t)) && |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
39 SIZE_MAX - a < b) { |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
40 i_panic("file %s: line %d: memory allocation overflow: " |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
41 "%" PRIuSIZE_T" + %" PRIuSIZE_T, fname, linenum, a, b); |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
42 } |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
43 return a + b; |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
44 } |
|
21509
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
45 #ifndef STATIC_CHECKER |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
46 # define MALLOC_ADD(a, b) \ |
|
21319
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
47 malloc_add_check(a, b, sizeof(a), sizeof(b), __FILE__, __LINE__) |
|
21509
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
48 #else |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
49 /* avoid warning every time about sizeof(b) when b contains any arithmetic */ |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
50 # define MALLOC_ADD(a, b) \ |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
51 malloc_add_check(a, b, sizeof(a), sizeof(size_t), __FILE__, __LINE__) |
|
bc9fe0a33b0a
lib: Avoid unnecessary Coverity warnings in MALLOC_*()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
21319
diff
changeset
|
52 #endif |
|
21319
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
53 |
|
a3bbf15ea8d7
lib: Add MALLOC_MULTIPLY() and MALLOC_ADD()
Timo Sirainen <timo.sirainen@dovecot.fi>
parents:
diff
changeset
|
54 #endif |