From 8286bf36f2392472edfeb9324ecb47a787501e38 Mon Sep 17 00:00:00 2001 From: schwarze Date: Wed, 23 Apr 2014 21:06:33 +0000 Subject: [PATCH] Audit malloc(3)/calloc(3)/realloc(3) usage. * Change eight reallocs to reallocarray to be safe from overflows. * Change one malloc to reallocarray to be safe from overflows. * Change one calloc to reallocarray, no zeroing needed. * Change the order of arguments of three callocs (aesthetical). --- usr.bin/mandoc/eqn.c | 6 +++--- usr.bin/mandoc/mandoc_aux.c | 14 +++++++++++++- usr.bin/mandoc/mandoc_aux.h | 3 ++- usr.bin/mandoc/mandocdb.c | 10 +++++----- usr.bin/mandoc/manpath.c | 6 +++--- usr.bin/mandoc/mansearch.c | 8 ++++---- usr.bin/mandoc/mdoc_argv.c | 10 +++++----- usr.bin/mandoc/mdoc_validate.c | 10 +++++----- usr.bin/mandoc/term.c | 4 ++-- usr.bin/mandoc/term_ps.c | 14 ++++---------- 10 files changed, 46 insertions(+), 39 deletions(-) diff --git a/usr.bin/mandoc/eqn.c b/usr.bin/mandoc/eqn.c index 584e2b9dadb..bd38431d1b1 100644 --- a/usr.bin/mandoc/eqn.c +++ b/usr.bin/mandoc/eqn.c @@ -1,4 +1,4 @@ -/* $Id: eqn.c,v 1.8 2014/04/20 19:39:35 schwarze Exp $ */ +/* $Id: eqn.c,v 1.9 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2011 Kristaps Dzonsons * @@ -860,8 +860,8 @@ eqn_do_define(struct eqn_node *ep) if (i == (int)ep->defsz) { ep->defsz++; - ep->defs = mandoc_realloc(ep->defs, - ep->defsz * sizeof(struct eqn_def)); + ep->defs = mandoc_reallocarray(ep->defs, + ep->defsz, sizeof(struct eqn_def)); ep->defs[i].key = ep->defs[i].val = NULL; } diff --git a/usr.bin/mandoc/mandoc_aux.c b/usr.bin/mandoc/mandoc_aux.c index f638b301661..424e0dfa42a 100644 --- a/usr.bin/mandoc/mandoc_aux.c +++ b/usr.bin/mandoc/mandoc_aux.c @@ -1,4 +1,4 @@ -/* $Id: mandoc_aux.c,v 1.2 2014/03/21 22:52:21 schwarze Exp $ */ +/* $Id: mandoc_aux.c,v 1.3 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2009, 2011 Kristaps Dzonsons * Copyright (c) 2014 Ingo Schwarze @@ -80,6 +80,18 @@ mandoc_realloc(void *ptr, size_t size) return(ptr); } +void * +mandoc_reallocarray(void *ptr, size_t num, size_t size) +{ + + ptr = reallocarray(ptr, num, size); + if (NULL == ptr) { + perror(NULL); + exit((int)MANDOCLEVEL_SYSERR); + } + return(ptr); +} + char * mandoc_strdup(const char *ptr) { diff --git a/usr.bin/mandoc/mandoc_aux.h b/usr.bin/mandoc/mandoc_aux.h index 4f178c789c1..3ae1d94a673 100644 --- a/usr.bin/mandoc/mandoc_aux.h +++ b/usr.bin/mandoc/mandoc_aux.h @@ -1,4 +1,4 @@ -/* $Id: mandoc_aux.h,v 1.2 2014/03/21 22:52:21 schwarze Exp $ */ +/* $Id: mandoc_aux.h,v 1.3 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2009, 2011 Kristaps Dzonsons * Copyright (c) 2014 Ingo Schwarze @@ -24,6 +24,7 @@ int mandoc_asprintf(char **, const char *, ...); void *mandoc_calloc(size_t, size_t); void *mandoc_malloc(size_t); void *mandoc_realloc(void *, size_t); +void *mandoc_reallocarray(void *, size_t, size_t); char *mandoc_strdup(const char *); char *mandoc_strndup(const char *, size_t); diff --git a/usr.bin/mandoc/mandocdb.c b/usr.bin/mandoc/mandocdb.c index 9d344288032..3da7cae4c25 100644 --- a/usr.bin/mandoc/mandocdb.c +++ b/usr.bin/mandoc/mandocdb.c @@ -1,4 +1,4 @@ -/* $Id: mandocdb.c,v 1.100 2014/04/23 19:08:52 schwarze Exp $ */ +/* $Id: mandocdb.c,v 1.101 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2011, 2012 Kristaps Dzonsons * Copyright (c) 2011, 2012, 2013, 2014 Ingo Schwarze @@ -463,8 +463,8 @@ mandocdb(int argc, char *argv[]) * manpath_parse() wants to do it. */ if (argc > 0) { - dirs.paths = mandoc_calloc(argc, - sizeof(char *)); + dirs.paths = mandoc_reallocarray(NULL, + argc, sizeof(char *)); dirs.sz = (size_t)argc; for (i = 0; i < argc; i++) dirs.paths[i] = mandoc_strdup(argv[i]); @@ -1776,7 +1776,7 @@ putkeys(const struct mpage *mpage, s->mask |= v; return; } else if (NULL == s) { - s = mandoc_calloc(sizeof(struct str) + sz + 1, 1); + s = mandoc_calloc(1, sizeof(struct str) + sz + 1); memcpy(s->key, cp, sz); ohash_insert(htab, slot, s); } @@ -2304,7 +2304,7 @@ static void * hash_halloc(size_t sz, void *arg) { - return(mandoc_calloc(sz, 1)); + return(mandoc_calloc(1, sz)); } static void * diff --git a/usr.bin/mandoc/manpath.c b/usr.bin/mandoc/manpath.c index 05045ca749a..76b1f3d8abb 100644 --- a/usr.bin/mandoc/manpath.c +++ b/usr.bin/mandoc/manpath.c @@ -1,4 +1,4 @@ -/* $Id: manpath.c,v 1.9 2014/04/20 16:44:44 schwarze Exp $ */ +/* $Id: manpath.c,v 1.10 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2011 Ingo Schwarze * Copyright (c) 2011 Kristaps Dzonsons @@ -119,8 +119,8 @@ manpath_add(struct manpaths *dirs, const char *dir) if (0 == strcmp(dirs->paths[i], dir)) return; - dirs->paths = mandoc_realloc(dirs->paths, - (dirs->sz + 1) * sizeof(char *)); + dirs->paths = mandoc_reallocarray(dirs->paths, + dirs->sz + 1, sizeof(char *)); dirs->paths[dirs->sz++] = mandoc_strdup(cp); } diff --git a/usr.bin/mandoc/mansearch.c b/usr.bin/mandoc/mansearch.c index cf2299dd0ad..eb68043b878 100644 --- a/usr.bin/mandoc/mansearch.c +++ b/usr.bin/mandoc/mansearch.c @@ -1,4 +1,4 @@ -/* $Id: mansearch.c,v 1.25 2014/04/23 16:33:37 schwarze Exp $ */ +/* $Id: mansearch.c,v 1.26 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2012 Kristaps Dzonsons * Copyright (c) 2013, 2014 Ingo Schwarze @@ -320,8 +320,8 @@ mansearch(const struct mansearch *search, mp = ohash_next(&htab, &idx)) { if (cur + 1 > maxres) { maxres += 1024; - *res = mandoc_realloc(*res, - maxres * sizeof(struct manpage)); + *res = mandoc_reallocarray(*res, + maxres, sizeof(struct manpage)); } mpage = *res + cur; mpage->form = mp->form; @@ -785,7 +785,7 @@ static void * hash_halloc(size_t sz, void *arg) { - return(mandoc_calloc(sz, 1)); + return(mandoc_calloc(1, sz)); } static void * diff --git a/usr.bin/mandoc/mdoc_argv.c b/usr.bin/mandoc/mdoc_argv.c index cb9536daceb..e805aaa7dce 100644 --- a/usr.bin/mandoc/mdoc_argv.c +++ b/usr.bin/mandoc/mdoc_argv.c @@ -1,4 +1,4 @@ -/* $Id: mdoc_argv.c,v 1.49 2014/04/20 16:44:44 schwarze Exp $ */ +/* $Id: mdoc_argv.c,v 1.50 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons * Copyright (c) 2012 Ingo Schwarze @@ -355,8 +355,8 @@ mdoc_argv(struct mdoc *mdoc, int line, enum mdoct tok, arg = *v = mandoc_calloc(1, sizeof(struct mdoc_arg)); arg->argc++; - arg->argv = mandoc_realloc(arg->argv, - arg->argc * sizeof(struct mdoc_argv)); + arg->argv = mandoc_reallocarray(arg->argv, + arg->argc, sizeof(struct mdoc_argv)); memcpy(&arg->argv[(int)arg->argc - 1], &tmp, sizeof(struct mdoc_argv)); @@ -663,8 +663,8 @@ argv_multi(struct mdoc *mdoc, int line, break; if (0 == v->sz % MULTI_STEP) - v->value = mandoc_realloc(v->value, - (v->sz + MULTI_STEP) * sizeof(char *)); + v->value = mandoc_reallocarray(v->value, + v->sz + MULTI_STEP, sizeof(char *)); v->value[(int)v->sz] = mandoc_strdup(p); } diff --git a/usr.bin/mandoc/mdoc_validate.c b/usr.bin/mandoc/mdoc_validate.c index 50aa7bce14d..5237a127e54 100644 --- a/usr.bin/mandoc/mdoc_validate.c +++ b/usr.bin/mandoc/mdoc_validate.c @@ -1,4 +1,4 @@ -/* $Id: mdoc_validate.c,v 1.131 2014/04/23 16:07:06 schwarze Exp $ */ +/* $Id: mdoc_validate.c,v 1.132 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2008-2012 Kristaps Dzonsons * Copyright (c) 2010-2014 Ingo Schwarze @@ -1456,8 +1456,8 @@ post_bl_block_tag(POST_ARGS) assert(n->args); i = (int)(n->args->argc)++; - n->args->argv = mandoc_realloc(n->args->argv, - n->args->argc * sizeof(struct mdoc_argv)); + n->args->argv = mandoc_reallocarray(n->args->argv, + n->args->argc, sizeof(struct mdoc_argv)); n->args->argv[i].arg = MDOC_Width; n->args->argv[i].line = n->line; @@ -1517,8 +1517,8 @@ post_bl_head(POST_ARGS) */ np->args->argv[j].sz = (size_t)mdoc->last->nchild; - np->args->argv[j].value = mandoc_malloc( - (size_t)mdoc->last->nchild * sizeof(char *)); + np->args->argv[j].value = mandoc_reallocarray(NULL, + (size_t)mdoc->last->nchild, sizeof(char *)); mdoc->last->norm->Bl.ncols = np->args->argv[j].sz; mdoc->last->norm->Bl.cols = (void *)np->args->argv[j].value; diff --git a/usr.bin/mandoc/term.c b/usr.bin/mandoc/term.c index 51153525ac5..6d1cbe59a7c 100644 --- a/usr.bin/mandoc/term.c +++ b/usr.bin/mandoc/term.c @@ -1,4 +1,4 @@ -/* $Id: term.c,v 1.83 2014/04/20 16:44:44 schwarze Exp $ */ +/* $Id: term.c,v 1.84 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons * Copyright (c) 2010-2014 Ingo Schwarze @@ -518,7 +518,7 @@ adjbuf(struct termp *p, size_t sz) while (sz >= p->maxcols) p->maxcols <<= 2; - p->buf = mandoc_realloc(p->buf, sizeof(int) * p->maxcols); + p->buf = mandoc_reallocarray(p->buf, p->maxcols, sizeof(int)); } static void diff --git a/usr.bin/mandoc/term_ps.c b/usr.bin/mandoc/term_ps.c index 9fd3c2da19f..f77280ebb27 100644 --- a/usr.bin/mandoc/term_ps.c +++ b/usr.bin/mandoc/term_ps.c @@ -1,4 +1,4 @@ -/* $Id: term_ps.c,v 1.24 2014/04/20 16:44:44 schwarze Exp $ */ +/* $Id: term_ps.c,v 1.25 2014/04/23 21:06:33 schwarze Exp $ */ /* * Copyright (c) 2010, 2011 Kristaps Dzonsons * Copyright (c) 2014 Ingo Schwarze @@ -621,12 +621,8 @@ pdf_obj(struct termp *p, size_t obj) if ((obj - 1) >= p->ps->pdfobjsz) { p->ps->pdfobjsz = obj + 128; - p->ps->pdfobjs = realloc(p->ps->pdfobjs, - p->ps->pdfobjsz * sizeof(size_t)); - if (NULL == p->ps->pdfobjs) { - perror(NULL); - exit((int)MANDOCLEVEL_SYSERR); - } + p->ps->pdfobjs = mandoc_reallocarray(p->ps->pdfobjs, + p->ps->pdfobjsz, sizeof(size_t)); } p->ps->pdfobjs[(int)obj - 1] = p->ps->pdfbytes; @@ -1162,7 +1158,5 @@ ps_growbuf(struct termp *p, size_t sz) sz = PS_BUFSLOP; p->ps->psmargsz += sz; - - p->ps->psmarg = mandoc_realloc - (p->ps->psmarg, p->ps->psmargsz); + p->ps->psmarg = mandoc_realloc(p->ps->psmarg, p->ps->psmargsz); } -- 2.20.1