The branch, master has been updated
via f47e5a77 Mention file & line on OOM and overflow errors.
via 91fff802 Check for overflow the right way.
from 3c8ac20d Fix a typo.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f47e5a7732f9b5da71080fdc229acde4ec6da3c1
Author: Wayne Davison <wa...@opencoder.net>
Date: Sun Jul 12 22:46:21 2020 -0700
Mention file & line on OOM and overflow errors.
Also simplify output of src file paths in errors & warnings when
built in a alternate build dir.
commit 91fff802b9513cf0ed616d3aea170d561f899fae
Author: Wayne Davison <wa...@opencoder.net>
Date: Sun Jul 12 21:51:51 2020 -0700
Check for overflow the right way.
-----------------------------------------------------------------------
Summary of changes:
cleanup.c | 2 +-
flist.c | 12 ++++--------
lib/pool_alloc.3 | 2 +-
lib/pool_alloc.c | 6 +++---
lib/pool_alloc.h | 2 +-
log.c | 4 ++--
options.c | 4 ++--
rsync.h | 7 +++++++
util.c | 25 ++++++++++++-------------
util2.c | 34 +++++++++++++++++++++++++---------
xattrs.c | 7 +++----
11 files changed, 61 insertions(+), 44 deletions(-)
Changeset truncated at 500 lines:
diff --git a/cleanup.c b/cleanup.c
index f9a5d76b..40d26baa 100644
--- a/cleanup.c
+++ b/cleanup.c
@@ -137,7 +137,7 @@ NORETURN void _exit_cleanup(int code, const char *file, int
line)
if (DEBUG_GTE(EXIT, 2)) {
rprintf(FINFO,
"[%s] _exit_cleanup(code=%d, file=%s, line=%d):
entered\n",
- who_am_i(), code, file, line);
+ who_am_i(), code, src_file(file), line);
}
#include "case_N.h"
diff --git a/flist.c b/flist.c
index 39f942b0..6c2543cd 100644
--- a/flist.c
+++ b/flist.c
@@ -133,6 +133,7 @@ static char empty_sum[MAX_DIGEST_LEN];
static int flist_count_offset; /* for --delete --progress */
static int show_filelist_progress;
+static struct file_list *flist_new(int flags, const char *msg);
static void flist_sort_and_clean(struct file_list *flist, int strip_root);
static void output_flist(struct file_list *flist);
@@ -2797,25 +2798,20 @@ void clear_file(struct file_struct *file)
}
/* Allocate a new file list. */
-struct file_list *flist_new(int flags, char *msg)
+static struct file_list *flist_new(int flags, const char *msg)
{
struct file_list *flist;
flist = new0(struct file_list);
if (flags & FLIST_TEMP) {
- if (!(flist->file_pool = pool_create(SMALL_EXTENT, 0,
- out_of_memory,
- POOL_INTERN)))
+ if (!(flist->file_pool = pool_create(SMALL_EXTENT, 0,
_out_of_memory, POOL_INTERN)))
out_of_memory(msg);
} else {
/* This is a doubly linked list with prev looping back to
* the end of the list, but the last next pointer is NULL. */
if (!first_flist) {
- flist->file_pool = pool_create(NORMAL_EXTENT, 0,
- out_of_memory,
- POOL_INTERN);
- if (!flist->file_pool)
+ if (!(flist->file_pool = pool_create(NORMAL_EXTENT, 0,
_out_of_memory, POOL_INTERN)))
out_of_memory(msg);
flist->ndx_start = flist->flist_num = inc_recurse ? 1 :
0;
diff --git a/lib/pool_alloc.3 b/lib/pool_alloc.3
index 6c22b924..128c1f7f 100644
--- a/lib/pool_alloc.3
+++ b/lib/pool_alloc.3
@@ -33,7 +33,7 @@ pool_alloc, pool_free, pool_free_old, pool_talloc,
pool_tfree, pool_create, pool
.SH SYNOPSIS
.B #include "pool_alloc.h"
-\fBstruct alloc_pool *pool_create(size_t \fIsize\fB, size_t \fIquantum\fB,
void (*\fIbomb\fB)(char *), int \fIflags\fB);
+\fBstruct alloc_pool *pool_create(size_t \fIsize\fB, size_t \fIquantum\fB,
void (*\fIbomb\fB)(char*,char*,int), int \fIflags\fB);
\fBvoid pool_destroy(struct alloc_pool *\fIpool\fB);
diff --git a/lib/pool_alloc.c b/lib/pool_alloc.c
index a70a3f1a..f6c6faf6 100644
--- a/lib/pool_alloc.c
+++ b/lib/pool_alloc.c
@@ -45,13 +45,13 @@ struct align_test {
#define PTR_ADD(b,o) ( (void*) ((char*)(b) + (o)) )
alloc_pool_t
-pool_create(size_t size, size_t quantum, void (*bomb)(const char *), int flags)
+pool_create(size_t size, size_t quantum, void (*bomb)(const char*, const
char*, int), int flags)
{
struct alloc_pool *pool;
if ((MINALIGN & (MINALIGN - 1)) != 0) {
if (bomb)
- (*bomb)("Compiler error: MINALIGN is not a power of
2\n");
+ (*bomb)("Compiler error: MINALIGN is not a power of 2",
__FILE__, __LINE__);
return NULL;
}
@@ -169,7 +169,7 @@ pool_alloc(alloc_pool_t p, size_t len, const char *bomb_msg)
bomb_out:
if (pool->bomb)
- (*pool->bomb)(bomb_msg);
+ (*pool->bomb)(bomb_msg, __FILE__, __LINE__);
return NULL;
}
diff --git a/lib/pool_alloc.h b/lib/pool_alloc.h
index c7368a77..28059212 100644
--- a/lib/pool_alloc.h
+++ b/lib/pool_alloc.h
@@ -7,7 +7,7 @@
typedef void *alloc_pool_t;
-alloc_pool_t pool_create(size_t size, size_t quantum, void (*bomb)(const char
*), int flags);
+alloc_pool_t pool_create(size_t size, size_t quantum, void (*bomb)(const
char*, const char*, int), int flags);
void pool_destroy(alloc_pool_t pool);
void *pool_alloc(alloc_pool_t pool, size_t size, const char *bomb_msg);
void pool_free(alloc_pool_t pool, size_t size, void *addr);
diff --git a/log.c b/log.c
index 633bcdbc..85eae3d5 100644
--- a/log.c
+++ b/log.c
@@ -890,10 +890,10 @@ void log_exit(int code, const char *file, int line)
/* VANISHED is not an error, only a warning */
if (code == RERR_VANISHED) {
rprintf(FWARNING, "rsync warning: %s (code %d) at
%s(%d) [%s=%s]\n",
- name, code, file, line, who_am_i(),
RSYNC_VERSION);
+ name, code, src_file(file), line, who_am_i(),
RSYNC_VERSION);
} else {
rprintf(FERROR, "rsync error: %s (code %d) at %s(%d)
[%s=%s]\n",
- name, code, file, line, who_am_i(),
RSYNC_VERSION);
+ name, code, src_file(file), line, who_am_i(),
RSYNC_VERSION);
}
}
}
diff --git a/options.c b/options.c
index 9ed16405..0ecabe8d 100644
--- a/options.c
+++ b/options.c
@@ -119,7 +119,6 @@ size_t bwlimit_writemax = 0;
int ignore_existing = 0;
int ignore_non_existing = 0;
int need_messages_from_generator = 0;
-time_t stop_at_utime = 0;
int max_delete = INT_MIN;
OFF_T max_size = -1;
OFF_T min_size = -1;
@@ -130,6 +129,7 @@ int checksum_seed = 0;
int inplace = 0;
int delay_updates = 0;
int32 block_size = 0;
+time_t stop_at_utime = 0;
char *skip_compress = NULL;
char *copy_as = NULL;
item_list dparam_list = EMPTY_ITEM_LIST;
@@ -2051,7 +2051,7 @@ int parse_arguments(int *argc_p, const char ***argv_p)
long val;
arg = poptGetOptArg(pc);
stop_at_utime = time(NULL);
- if ((val = atol(arg) * 60) <= 0 || val +
(long)stop_at_utime < 0) {
+ if ((val = atol(arg) * 60) <= 0 || LONG_MAX - val <
stop_at_utime || (long)(time_t)val != val) {
snprintf(err_buf, sizeof err_buf, "invalid
--stop-after value: %s\n", arg);
return 0;
}
diff --git a/rsync.h b/rsync.h
index be4d8550..c8715747 100644
--- a/rsync.h
+++ b/rsync.h
@@ -711,6 +711,10 @@ struct ht_int64_node {
#define NAME_MAX 255
#endif
+#ifndef SIZE_MAX
+#define SIZE_MAX ((size_t)-1)
+#endif
+
#ifndef INADDR_NONE
#define INADDR_NONE 0xffffffff
#endif
@@ -1321,6 +1325,9 @@ extern char *do_malloc;
#undef strdup
#define strdup(s) my_strdup(s, __FILE__, __LINE__)
+#define out_of_memory(msg) _out_of_memory(msg, __FILE__, __LINE__)
+#define overflow_exit(msg) _overflow_exit(msg, __FILE__, __LINE__)
+
/* use magic gcc attributes to catch format errors */
void rprintf(enum logcode , const char *, ...)
__attribute__((format (printf, 2, 3)))
diff --git a/util.c b/util.c
index 3a50e44f..f5588324 100644
--- a/util.c
+++ b/util.c
@@ -1632,28 +1632,27 @@ void *expand_item_list(item_list *lp, size_t item_size,
const char *desc, int in
/* First time through, 0 <= 0, so list is expanded. */
if (lp->malloced <= lp->count) {
void *new_ptr;
- size_t new_size = lp->malloced;
+ size_t expand_size;
if (incr < 0)
- new_size += -incr; /* increase slowly */
- else if (new_size < (size_t)incr)
- new_size = incr;
- else if (new_size)
- new_size *= 2;
+ expand_size = -incr; /* increase slowly */
+ else if (lp->malloced < (size_t)incr)
+ expand_size = incr - lp->malloced;
+ else if (lp->malloced)
+ expand_size = lp->malloced; /* double in size */
else
- new_size = 1;
- if (new_size <= lp->malloced)
+ expand_size = 1;
+ if (SIZE_MAX/item_size - expand_size < lp->malloced)
overflow_exit("expand_item_list");
- new_ptr = realloc_buf(lp->items, new_size * item_size);
+ expand_size += lp->malloced;
+ new_ptr = realloc_buf(lp->items, expand_size * item_size);
if (DEBUG_GTE(FLIST, 3)) {
rprintf(FINFO, "[%s] expand %s to %s bytes, did%s
move\n",
- who_am_i(), desc, big_num(new_size * item_size),
+ who_am_i(), desc, big_num(expand_size *
item_size),
new_ptr == lp->items ? " not" : "");
}
- if (!new_ptr)
- out_of_memory("expand_item_list");
lp->items = new_ptr;
- lp->malloced = new_size;
+ lp->malloced = expand_size;
}
return (char*)lp->items + (lp->count++ * item_size);
}
diff --git a/util2.c b/util2.c
index 6ea6981d..8879c987 100644
--- a/util2.c
+++ b/util2.c
@@ -76,7 +76,7 @@ void *my_alloc(void *ptr, size_t num, size_t size, const char
*file, int line)
if (!file)
return NULL;
rprintf(FERROR, "[%s] exceeded --max-alloc=%s setting (file=%s,
line=%d)\n",
- who_am_i(), do_big_num(max_alloc, 0, NULL), file, line);
+ who_am_i(), do_big_num(max_alloc, 0, NULL),
src_file(file), line);
exit_cleanup(RERR_MALLOC);
}
if (!ptr)
@@ -85,10 +85,8 @@ void *my_alloc(void *ptr, size_t num, size_t size, const
char *file, int line)
ptr = malloc(num * size);
else
ptr = realloc(ptr, num * size);
- if (!ptr && file) {
- rprintf(FERROR, "[%s] out of memory (file=%s, line=%d)\n",
who_am_i(), file, line);
- exit_cleanup(RERR_MALLOC);
- }
+ if (!ptr && file)
+ _out_of_memory("my_alloc caller", file, line);
return ptr;
}
@@ -119,14 +117,32 @@ const char *sum_as_hex(int csum_type, const char *sum,
int flist_csum)
return buf;
}
-NORETURN void out_of_memory(const char *str)
+NORETURN void _out_of_memory(const char *msg, const char *file, int line)
{
- rprintf(FERROR, "ERROR: out of memory in %s [%s]\n", str, who_am_i());
+ rprintf(FERROR, "[%s] out of memory: %s (file=%s, line=%d)\n",
who_am_i(), msg, src_file(file), line);
exit_cleanup(RERR_MALLOC);
}
-NORETURN void overflow_exit(const char *str)
+NORETURN void _overflow_exit(const char *msg, const char *file, int line)
{
- rprintf(FERROR, "ERROR: buffer overflow in %s [%s]\n", str, who_am_i());
+ rprintf(FERROR, "[%s] buffer overflow: %s (file=%s, line=%d)\n",
who_am_i(), msg, src_file(file), line);
exit_cleanup(RERR_MALLOC);
}
+
+const char *src_file(const char *file)
+{
+ static const char *util2 = __FILE__;
+ static int prefix = -1;
+
+ if (prefix < 0) {
+ const char *cp;
+ for (cp = util2, prefix = 0; *cp; cp++) {
+ if (*cp == '/')
+ prefix = cp - util2 + 1;
+ }
+ }
+
+ if (prefix && strncmp(file, util2, prefix) == 0)
+ return file + prefix;
+ return file;
+}
diff --git a/xattrs.c b/xattrs.c
index b10c2567..bcb4bcac 100644
--- a/xattrs.c
+++ b/xattrs.c
@@ -199,7 +199,7 @@ static char *get_xattr_data(const char *fname, const char
*name, size_t *len_ptr
if (!datum_len && !extra_len)
extra_len = 1; /* request non-zero amount of memory */
- if (datum_len + extra_len < datum_len)
+ if (SIZE_MAX - datum_len < extra_len)
overflow_exit("get_xattr_data");
ptr = new_array(char, datum_len + extra_len);
@@ -748,7 +748,7 @@ int recv_xattr_request(struct file_struct *file, int f_in)
old_datum = rxa->datum;
rxa->datum_len = read_varint(f_in);
- if (rxa->name_len + rxa->datum_len < rxa->name_len)
+ if (SIZE_MAX - rxa->name_len < rxa->datum_len)
overflow_exit("recv_xattr_request");
rxa->datum = new_array(char, rxa->datum_len + rxa->name_len);
name = rxa->datum + rxa->datum_len;
@@ -799,8 +799,7 @@ void receive_xattr(int f, struct file_struct *file)
size_t datum_len = read_varint(f);
size_t dget_len = datum_len > MAX_FULL_DATUM ? 1 +
MAX_DIGEST_LEN : datum_len;
size_t extra_len = MIGHT_NEED_RPRE ? RPRE_LEN : 0;
- if ((dget_len + extra_len < dget_len)
- || (dget_len + extra_len + name_len < dget_len + extra_len))
+ if (SIZE_MAX - dget_len < extra_len || SIZE_MAX - dget_len -
extra_len < name_len)
overflow_exit("receive_xattr");
ptr = new_array(char, dget_len + extra_len + name_len);
name = ptr + dget_len + extra_len;
--
The rsync repository.
_______________________________________________
rsync-cvs mailing list
rsync-cvs@lists.samba.org
https://lists.samba.org/mailman/listinfo/rsync-cvs
