Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
I installed the following (slightly different) patch for that problem,
into gnulib. It's tested with GNU tar.
2005-06-22 Paul Eggert [EMAIL PROTECTED]
* xmalloc.c (HAVE_GNU_CALLOC): New constant.
(xcalloc): Use it to avoid needless tests.
Problem reported by Jim Meyering.
--- xmalloc.c 14 May 2005 06:03:58 - 1.36
+++ xmalloc.c 22 Jun 2005 07:12:04 - 1.37
@@ -30,6 +30,15 @@
# define SIZE_MAX ((size_t) -1)
#endif
+/* 1 if calloc is known to be compatible with GNU calloc. This
+ matters if we are not also using the calloc module, which defines
+ HAVE_CALLOC and supports the GNU API even on non-GNU platforms. */
+#if defined HAVE_CALLOC || defined __GLIBC__
+enum { HAVE_GNU_CALLOC = 1 };
+#else
+enum { HAVE_GNU_CALLOC = 0 };
+#endif
+
/* Allocate an array of N objects, each with S bytes of memory,
dynamically, with error checking. S must be nonzero. */
@@ -204,8 +213,11 @@ xcalloc (size_t n, size_t s)
{
void *p;
/* Test for overflow, since some calloc implementations don't have
- proper overflow checks. */
- if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0))
+ proper overflow checks. But omit overflow and size-zero tests if
+ HAVE_GNU_CALLOC, since GNU calloc catches overflow and never
+ returns NULL if successful. */
+ if ((! HAVE_GNU_CALLOC xalloc_oversized (n, s))
+ || (! (p = calloc (n, s)) (HAVE_GNU_CALLOC || n != 0)))
xalloc_die ();
return p;
}
___
bug-gnulib mailing list
bug-gnulib@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Jim Meyering [EMAIL PROTECTED] writes:
This makes me think it'd be worthwhile to support a new section in
the modules file listing `Recommended' modules.
Yes, that would be nice. It's been suggested before but nobody has
had the time yet to do it. gnulib-tool might bring in recommended
modules automatically on request, for example.
But why reuse the HAVE_CALLOC symbol at all?
It's name isn't really accurate in this context.
How about this instead:
Yes, that would be better (and thanks for catching the bug -- I did
say my patch was untested :-). Though I think it'd be better to
reverse the sense and call it HAVE_GNU_CALLOC or something like
that. How about the following (also untested) patch?
2005-06-17 Paul Eggert [EMAIL PROTECTED]
* xmalloc (HAVE_GNU_CALLOC): New macro.
(xcalloc): Omit needless tests if ! HAVE_GNU_CALLOC.
--- xmalloc.c 2005-05-13 23:03:58 -0700
+++ /tmp/xmalloc.c 2005-06-17 10:28:06 -0700
@@ -30,6 +30,15 @@
# define SIZE_MAX ((size_t) -1)
#endif
+/* 1 if calloc is known to be compatible with GNU calloc. This
+ matters if we are not also using the calloc module, which defines
+ HAVE_CALLOC and supports the GNU API even on non-GNU platforms. */
+#ifdef HAVE_CALLOC
+# define HAVE_GNU_CALLOC 1
+#else
+# define HAVE_GNU_CALLOC 0
+#endif
+
/* Allocate an array of N objects, each with S bytes of memory,
dynamically, with error checking. S must be nonzero. */
@@ -204,8 +213,11 @@ xcalloc (size_t n, size_t s)
{
void *p;
/* Test for overflow, since some calloc implementations don't have
- proper overflow checks. */
- if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0))
+ proper overflow checks. But omit overflow and size-zero tests if
+ HAVE_GNU_CALLOC, since GNU calloc catches overflow and never
+ returns NULL if successful. */
+ if ((! HAVE_GNU_CALLOC xalloc_oversized (n, s))
+ || (! (p = calloc (n, s)) (HAVE_GNU_CALLOC || n != 0)))
xalloc_die ();
return p;
}
___
bug-gnulib mailing list
bug-gnulib@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Paul Eggert [EMAIL PROTECTED] wrote: ... How about the following (also untested) patch? 2005-06-17 Paul Eggert [EMAIL PROTECTED] * xmalloc (HAVE_GNU_CALLOC): New macro. (xcalloc): Omit needless tests if ! HAVE_GNU_CALLOC. Looks fine to me. Thanks! ___ bug-gnulib mailing list bug-gnulib@gnu.org http://lists.gnu.org/mailman/listinfo/bug-gnulib
Re: xmalloc.c's xcalloc performs unnecessary test for N*S overflow
Jim Meyering [EMAIL PROTECTED] writes:
As it stands, if I use both of the xalloc and calloc modules,
calling xcalloc ends up performing the overflow check twice,
first in xcalloc itself (above), and then again in calloc.
Also, xcalloc contains a test n != 0 that isn't needed when
rpl_calloc is being called.
How about the following (untested) change instead? It omits the tests
when they're unnecessary, but it doesn't establish a dependency of
xalloc on calloc. I'd rather leave out dependencies like that if it's
easy.
2005-06-16 Paul Eggert [EMAIL PROTECTED]
* xmalloc (HAVE_CALLOC): Define to 1 if not defined.
(xcalloc): Omit needless tests if ! HAVE_CALLOC.
--- xmalloc.c 2005-05-13 23:03:58 -0700
+++ /tmp/xmalloc.c 2005-06-16 17:14:13 -0700
@@ -30,6 +30,10 @@
# define SIZE_MAX ((size_t) -1)
#endif
+#ifndef HAVE_CALLOC
+# define HAVE_CALLOC 1
+#endif
+
/* Allocate an array of N objects, each with S bytes of memory,
dynamically, with error checking. S must be nonzero. */
@@ -204,8 +208,11 @@ xcalloc (size_t n, size_t s)
{
void *p;
/* Test for overflow, since some calloc implementations don't have
- proper overflow checks. */
- if (xalloc_oversized (n, s) || (! (p = calloc (n, s)) n != 0))
+ proper overflow checks. Omit some tests if !HAVE_CALLOC, since
+ rpl_calloc catches overflow and never returns NULL if
+ successful. */
+ if ((HAVE_CALLOC xalloc_oversized (n, s))
+ || (! (p = calloc (n, s)) ! (HAVE_CALLOC n == 0)))
xalloc_die ();
return p;
}
___
bug-gnulib mailing list
bug-gnulib@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-gnulib
