OK, Grrr... messed this up, sent the wrong version. Both the To: header and the text contain errors, but the intent should be clear. The diff is the right version.
Take care when replying. -Otto
On Thu, Jun 05, 2014 at 02:22:01PM +0200, Otto Moerbeek wrote:
> Hi,
>
> The new malloc has been comitted, so now take the next step.
>
> This changes _dl_malloc to a regular non-zeroing _dl_malloc and uses
> _dl_calloc and _dl_reallocarray.
>
> This needs carefull review. I left some malloc calls since they do not
> require zero'ing according to my analysis, but this easy to get wrong.
> This also hold fo changes to _dl_reallocarray, since it does not zero,
> while the old _dl_malloc did.
>
> Some parts of this diff extracted from a diff by deraadt@
>
> Pleas review and test.
>
> -Otto
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/Makefile,v
> retrieving revision 1.49
> diff -u -p -r1.49 Makefile
> --- Makefile 5 Jun 2014 08:41:09 -0000 1.49
> +++ Makefile 5 Jun 2014 11:22:35 -0000
> @@ -15,7 +15,7 @@ VPATH=${.CURDIR}/../../lib/libc/string
> SRCS= ldasm.S boot.c loader.c resolve.c dlfcn.c dl_printf.c
> rtld_machine.c
> SRCS+= path.c util.c sod.c strsep.c strtol.c dir.c library_subr.c
> dl_prebind.c
> SRCS+= dl_realpath.c dl_uname.c dl_dirname.c strlcat.c strlen.c trace.c
> -SRCS+= malloc.c
> +SRCS+= malloc.c reallocarray.c
>
> .if (${MACHINE_ARCH} == "i386")
> SRCS+= library_mquery.c
> Index: dir.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/dir.c,v
> retrieving revision 1.17
> diff -u -p -r1.17 dir.c
> --- dir.c 13 Aug 2013 05:52:17 -0000 1.17
> +++ dir.c 5 Jun 2014 11:22:35 -0000
> @@ -68,7 +68,7 @@ _dl_opendir(const char *name)
> return (NULL);
> }
> if (_dl_fcntl(fd, F_SETFD, FD_CLOEXEC) < 0 ||
> - (dirp = _dl_malloc(sizeof(*dirp))) == NULL) {
> + (dirp = _dl_calloc(1, sizeof(*dirp))) == NULL) {
> _dl_close(fd);
> return (NULL);
> }
> Index: dl_prebind.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/dl_prebind.c,v
> retrieving revision 1.13
> diff -u -p -r1.13 dl_prebind.c
> --- dl_prebind.c 13 Nov 2013 05:41:41 -0000 1.13
> +++ dl_prebind.c 5 Jun 2014 11:22:35 -0000
> @@ -200,7 +200,8 @@ prebind_symcache(elf_object_t *object, i
> if (i <= NUM_STATIC_OBJS) {
> objarray = &objarray_static[0];
> } else {
> - objarray = _dl_malloc(sizeof(elf_object_t *) * i);
> + objarray = _dl_reallocarray(NULL,
> + sizeof(elf_object_t *), i);
> }
>
> obj = _dl_objects;
> Index: library.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/library.c,v
> retrieving revision 1.67
> diff -u -p -r1.67 library.c
> --- library.c 20 Aug 2012 23:25:07 -0000 1.67
> +++ library.c 5 Jun 2014 11:22:35 -0000
> @@ -195,7 +195,7 @@ _dl_tryload_shlib(const char *libname, i
> TRUNC_PG(phdp->p_offset));
> } else
> res = NULL; /* silence gcc */
> - next_load = _dl_malloc(sizeof(struct load_list));
> + next_load = _dl_calloc(1, sizeof(struct load_list));
> next_load->next = load_list;
> load_list = next_load;
> next_load->start = start;
> Index: library_mquery.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/library_mquery.c,v
> retrieving revision 1.44
> diff -u -p -r1.44 library_mquery.c
> --- library_mquery.c 20 Aug 2012 23:25:07 -0000 1.44
> +++ library_mquery.c 5 Jun 2014 11:22:35 -0000
> @@ -158,6 +158,7 @@ _dl_tryload_shlib(const char *libname, i
> size = off + phdp->p_filesz;
>
> if (size != 0) {
> + /* XXX */
> ld = _dl_malloc(sizeof(struct load_list));
> ld->start = NULL;
> ld->size = size;
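Review bot: The new `_dl_reallocarray(NULL, sizeof(elf_object_t *), i)` call in prebind_symcache passes the element size as `nmemb` and the count `i` as `size`, the reverse of the prototype `_dl_reallocarray(void *, size_t nmemb, size_t size)` and of the other new callers such as `_dl_reallocarray(NULL, libcount, sizeof(struct listent))` in loader.c. The product and the overflow check come out the same either way, so this is not a bug, but it reads as if the arguments were confused; swapping them, `objarray = _dl_reallocarray(NULL, i, sizeof(elf_object_t *));`, keeps every caller consistent with the prototype. The `if (i <= NUM_STATIC_OBJS)` comparison suggests `i` may be a signed int; a negative value would convert to a huge size_t and trip the overflow exit rather than the static-array path, so it is worth confirming it cannot be negative here. prebind_symcache continues outside the hunk.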
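Review bot: The `/* XXX */` left above `ld = _dl_malloc(sizeof(struct load_list));` in _dl_tryload_shlib (library_mquery.c) records an open question rather than a decision, while the sibling allocation a few lines below in the same function (the zfod case, next hunk) was switched to `_dl_calloc(1, ...)`; the two should agree. Since `_dl_malloc` no longer zeroes after the malloc.c hunk, either use `_dl_calloc` here too or replace the marker with a comment that names the guarantee, `/* every load_list field is assigned below; no zeroing needed */`, but only if every field really is set, which this hunk does not show. The same `/* XXX */` sits above the `debug_map` allocation in _dl_boot (loader.c), where the r_debug fields assigned after the hunk are not all visible either. Both enclosing functions continue outside their hunks.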
> @@ -171,7 +172,7 @@ _dl_tryload_shlib(const char *libname, i
> ROUND_PG(size) == ROUND_PG(off + phdp->p_memsz))
> break;
> /* This phdr has a zfod section */
> - ld = _dl_malloc(sizeof(struct load_list));
> + ld = _dl_calloc(1, sizeof(struct load_list));
> ld->start = NULL;
> ld->size = ROUND_PG(off + phdp->p_memsz) -
> ROUND_PG(size);
> Index: loader.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/loader.c,v
> retrieving revision 1.147
> diff -u -p -r1.147 loader.c
> --- loader.c 16 Feb 2014 01:16:38 -0000 1.147
> +++ loader.c 5 Jun 2014 11:22:35 -0000
> @@ -280,8 +280,10 @@ _dl_load_dep_libs(elf_object_t *object,
> } *liblist;
> int *randomlist;
>
> - liblist = _dl_malloc(libcount * sizeof(struct listent));
> - randomlist = _dl_malloc(libcount * sizeof(int));
> + liblist = _dl_reallocarray(NULL, libcount,
> + sizeof(struct listent));
> + randomlist = _dl_reallocarray(NULL, libcount,
> + sizeof(int));
>
> if (liblist == NULL)
> _dl_exit(5);
> @@ -458,7 +460,7 @@ _dl_boot(const char **argv, char **envp,
> if (phdp->p_vaddr > maxva)
> maxva = phdp->p_vaddr + phdp->p_memsz;
>
> - next_load = _dl_malloc(sizeof(struct load_list));
> + next_load = _dl_calloc(1, sizeof(struct load_list));
> next_load->next = load_list;
> load_list = next_load;
> next_load->start = (char *)TRUNC_PG(phdp->p_vaddr) +
> exe_loff;
> @@ -560,6 +562,7 @@ _dl_boot(const char **argv, char **envp,
> DL_DEB(("failed to mark DTDEBUG\n"));
> }
> if (map_link) {
> + /* XXX */
> debug_map = (struct r_debug *)_dl_malloc(sizeof(*debug_map));
> debug_map->r_version = 1;
> debug_map->r_map = (struct link_map *)_dl_objects;
> Index: malloc.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/malloc.c,v
> retrieving revision 1.1
> diff -u -p -r1.1 malloc.c
> --- malloc.c 5 Jun 2014 08:39:07 -0000 1.1
> +++ malloc.c 5 Jun 2014 11:22:35 -0000
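Review bot: In _dl_load_dep_libs the result of `randomlist = _dl_reallocarray(NULL, libcount, sizeof(int));` is not checked within the hunk, while the `liblist` allocation right next to it is followed by `if (liblist == NULL) _dl_exit(5);`; unless a check follows further down, a second one, `if (randomlist == NULL) _dl_exit(5);`, keeps the two symmetrical and avoids a null dereference on allocation failure. Both arrays used to come from the zeroing `_dl_malloc`; if any code after the hunk reads a `liblist` or `randomlist` entry before assigning it, these allocations need `_dl_calloc(libcount, ...)` rather than `_dl_reallocarray`. _dl_load_dep_libs continues outside the hunk.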
> @@ -887,7 +887,7 @@ _dl_malloc(size_t size)
> malloc_recurse();
> return NULL;
> }
> - r = omalloc(size, 1 /* XXX */);
> + r = omalloc(size, 0);
> malloc_active--;
> return r;
> }
> Index: path.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/path.c,v
> retrieving revision 1.1
> diff -u -p -r1.1 path.c
> --- path.c 20 Mar 2013 21:49:59 -0000 1.1
> +++ path.c 5 Jun 2014 11:22:36 -0000
> @@ -43,7 +43,7 @@ _dl_split_path(const char *searchpath)
> /* one more for NULL entry */
> count++;
>
> - retval = _dl_malloc(count * sizeof(retval));
> + retval = _dl_reallocarray(NULL, count, sizeof(retval));
>
> if (retval == NULL)
> return (NULL);
> @@ -76,6 +76,7 @@ _dl_split_path(const char *searchpath)
> pp = NULL;
> }
>
> + retval[pos] = NULL;
> return (retval);
>
> badret:
> Index: reallocarray.c
> ===================================================================
> RCS file: reallocarray.c
> diff -N reallocarray.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ reallocarray.c 5 Jun 2014 11:22:36 -0000
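Review bot: With `r = omalloc(size, 0);` `_dl_malloc` stops zeroing the block it returns, and nothing in the hunk records that contract change for a reader who remembers the old `1 /* XXX */` behaviour. A one-line comment at the call site would save the next maintainer from guessing: `/* not zeroed: callers that need cleared memory use _dl_calloc() */`. The start of `_dl_malloc` lies outside the hunk.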
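Review bot: `retval[pos] = NULL;` terminates the array now that `_dl_reallocarray` hands back uninitialised memory, but any slots between `pos` and `count - 1` stay uninitialised; if `pos` can end up smaller than `count - 1`, or if the `badret:` path walks all `count` slots rather than the first `pos`, the allocation in the first path.c hunk should become `_dl_calloc(count, sizeof(*retval))` so the tail is NULL. That first hunk also keeps `sizeof(retval)`, which measures the pointer variable itself (presumably a `char **`) rather than an element; it happens to match but `sizeof(*retval)` says what is meant. Most of _dl_split_path, including the `badret:` cleanup, lies outside the hunks.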
> @@ -0,0 +1,47 @@
> +/* $OpenBSD: reallocarray.c,v 1.1 2014/05/08 21:43:49 deraadt Exp $
> */
> +/*
> + * Copyright (c) 2008 Otto Moerbeek <o...@drijf.net>
> + *
> + * Permission to use, copy, modify, and distribute this software for any
> + * purpose with or without fee is hereby granted, provided that the above
> + * copyright notice and this permission notice appear in all copies.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
> + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
> + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
> + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
> + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
> + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
> + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
> + */
> +
> +#include <sys/types.h>
> +#include <stdint.h>
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include "archdep.h"
> +
> +/*
> + * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
> + * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
> + */
> +#define MUL_NO_OVERFLOW (1UL << (sizeof(size_t) * 4))
> +
> +void *
> +_dl_reallocarray(void *optr, size_t nmemb, size_t size)
> +{
> + static const char msg1[] = "realloc not available\n";
> + static const char msg2[] = "reallocarray overflow\n";
> +
> + if (optr != NULL) {
> + _dl_write(STDERR_FILENO, msg1, sizeof(msg1) - 1);
> + _dl_exit(7);
> + }
> +
> + if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
> + nmemb > 0 && SIZE_MAX / nmemb < size) {
> + _dl_write(STDERR_FILENO, msg2, sizeof(msg2) - 1);
> + _dl_exit(7);
> + }
> + return _dl_malloc(size * nmemb);
> +}
> Index: resolve.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/resolve.c,v
> retrieving revision 1.65
> diff -u -p -r1.65 resolve.c
> --- resolve.c 27 Nov 2013 21:25:25
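Review bot: `_dl_reallocarray` in the new reallocarray.c carries no comment stating its contract, which differs from reallocarray(3) in two ways visible here: a non-NULL `optr` is fatal (`_dl_exit(7)` after "realloc not available"), and the block comes from `_dl_malloc`, which after the malloc.c hunk no longer zeroes. Add above the definition: `/* Allocation-only reallocarray(): optr must be NULL, nmemb * size is checked for overflow, and the returned memory is not zeroed. */`. `MUL_NO_OVERFLOW` is built from `1UL`, which is only as wide as `size_t` on ABIs where `unsigned long` is; `#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))` removes that dependency without changing the result on the platforms where the two types already agree.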
-0000 1.65
> +++ resolve.c 5 Jun 2014 11:22:36 -0000
> @@ -245,7 +245,7 @@ _dl_finalize_object(const char *objname,
> _dl_printf("objname [%s], dynp %p, objtype %x lbase %lx, obase %lx\n",
> objname, dynp, objtype, lbase, obase);
> #endif
> - object = _dl_malloc(sizeof(elf_object_t));
> + object = _dl_calloc(1, sizeof(elf_object_t));
> object->prev = object->next = NULL;
>
> object->load_dyn = dynp;
> @@ -329,6 +329,7 @@ _dl_finalize_object(const char *objname,
> object->phdrc = phdrc;
> object->load_base = lbase;
> object->obj_base = obase;
> + /* XXX */
> object->load_name = _dl_strdup(objname);
> object->load_object = _dl_loading_object;
> if (object->load_object == object)
> Index: sod.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/sod.c,v
> retrieving revision 1.27
> diff -u -p -r1.27 sod.c
> --- sod.c 3 Dec 2013 01:47:05 -0000 1.27
> +++ sod.c 5 Jun 2014 11:22:36 -0000
> @@ -64,6 +64,7 @@ _dl_build_sod(const char *name, struct s
> char *realname, *tok, *etok, *cp;
>
> /* default is an absolute or relative path */
> + /* XXX */
> sodp->sod_name = (long)_dl_strdup(name); /* strtok is destructive */
> sodp->sod_library = 0;
> sodp->sod_major = sodp->sod_minor = 0;
> @@ -121,6 +122,7 @@ _dl_build_sod(const char *name, struct s
> if (realname == NULL)
> goto backout;
> cp = (char *)sodp->sod_name;
> + /* XXX */
> sodp->sod_name = (long)_dl_strdup(realname);
> _dl_free(cp);
> sodp->sod_library = 1;
> @@ -130,6 +132,7 @@ _dl_build_sod(const char *name, struct s
>
> backout:
> _dl_free((char *)sodp->sod_name);
> + /* XXX */
> sodp->sod_name = (long)_dl_strdup(name);
> }
>
> Index: util.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/util.c,v
> retrieving revision 1.30
> diff -u -p -r1.30 util.c
> --- util.c 5 Jun 2014 08:39:07 -0000 1.30
> +++ util.c 5 Jun 2014 11:22:36 -0000
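Review bot: The `/* XXX */` added above `object->load_name = _dl_strdup(objname);` in _dl_finalize_object marks an unchecked result, and with the util.c change `_dl_strdup` now returns NULL on allocation failure instead of handing a possibly-NULL buffer to `_dl_strlcpy`; the marker should be resolved rather than committed. Either test the result, `if (object->load_name == NULL) _dl_exit(7);` (7 is what the new reallocarray.c uses for allocation failure), or replace the marker with a comment saying why a NULL `load_name` is harmless to later users of the object. The same marker is left at the three `_dl_strdup` calls in _dl_build_sod (sod.c), where a NULL `sod_name` is later passed to `_dl_free` and presumably to `strtok`. _dl_finalize_object continues outside the hunk.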
> @@ -51,11 +51,12 @@ char *
> _dl_strdup(const char *orig)
> {
> char *newstr;
> - int len;
> + size_t len;
>
> len = _dl_strlen(orig)+1;
> newstr = _dl_malloc(len);
> - _dl_strlcpy(newstr, orig, len);
> + if (newstr != NULL)
> + _dl_strlcpy(newstr, orig, len);
> return (newstr);
> }
>
> Index: util.h
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/util.h,v
> retrieving revision 1.25
> diff -u -p -r1.25 util.h
> --- util.h 23 Jan 2014 01:07:45 -0000 1.25
> +++ util.h 5 Jun 2014 11:22:36 -0000
> @@ -34,7 +34,9 @@
> #include <sys/utsname.h>
> #include <stdarg.h>
>
> -void *_dl_malloc(const size_t size);
> +void *_dl_malloc(size_t size);
> +void *_dl_calloc(size_t nmemb, const size_t size);
> +void *_dl_reallocarray(void *, size_t nmemb, size_t size);
> void _dl_free(void *);
> char *_dl_strdup(const char *);
> size_t _dl_strlen(const char *);
> Index: ldconfig/prebind_path.c
> ===================================================================
> RCS file: /cvs/src/libexec/ld.so/ldconfig/prebind_path.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 prebind_path.c
> --- ldconfig/prebind_path.c 13 Nov 2013 05:41:43 -0000 1.2
> +++ ldconfig/prebind_path.c 5 Jun 2014 11:22:36 -0000
> @@ -21,6 +21,12 @@
> #include <string.h>
> #include "util.h"
>
> +void *
> > +_dl_reallocarray(void *ptr, size_t cnt, size_t num)
> > +{
> > + return reallocarray(ptr, cnt, num);
> +}
> +
> void *
> _dl_malloc(size_t need)
> {
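Review bot: The new prototypes in util.h are inconsistent with each other and with the definition: `void *_dl_calloc(size_t nmemb, const size_t size);` keeps the `const` on a by-value parameter that the same hunk removes from `_dl_malloc`, and `void *_dl_reallocarray(void *, size_t nmemb, size_t size);` leaves its first parameter unnamed although reallocarray.c calls it `optr`. Suggest `void *_dl_calloc(size_t nmemb, size_t size);` and `void *_dl_reallocarray(void *optr, size_t nmemb, size_t size);` so the header reads the same as the implementation.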
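Review bot: The ldconfig wrapper `_dl_reallocarray(void *ptr, size_t cnt, size_t num)` in prebind_path.c names its third parameter `num` although it is the element size passed straight through as reallocarray's `size`; renaming to the prototype's `(void *optr, size_t nmemb, size_t size)` removes the ambiguity for anyone reading the two definitions side by side. This version also accepts a non-NULL pointer and really reallocates, whereas the ld.so version in reallocarray.c exits on a non-NULL `optr`; a one-line comment such as `/* ldconfig presumably has libc's reallocarray(), so real reallocation is available here */` would explain the asymmetry. The `> >` prefixes on three of the added lines look like mail-quoting artifacts rather than part of the patch.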