library: exploit enhanced library memory allocation provisions
There were numerous library memory allocation inconsistencies. Some were checked for failure and others were not. All library source modules were modified to utilize the alloc.h memory rouines which are consistent in dealing with errors.
This commit is contained in:
parent
7126cc4491
commit
827334870d
@ -18,6 +18,7 @@
|
|||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include "version.h"
|
#include "version.h"
|
||||||
#include "devname.h"
|
#include "devname.h"
|
||||||
|
#include "alloc.h"
|
||||||
|
|
||||||
// This is the buffer size for a tty name. Any path is legal,
|
// This is the buffer size for a tty name. Any path is legal,
|
||||||
// which makes PAGE_SIZE appropriate (see kernel source), but
|
// which makes PAGE_SIZE appropriate (see kernel source), but
|
||||||
@ -75,7 +76,7 @@ static void load_drivers(void){
|
|||||||
end = strchr(p, ' ');
|
end = strchr(p, ' ');
|
||||||
if(!end) continue;
|
if(!end) continue;
|
||||||
len = end - p;
|
len = end - p;
|
||||||
tmn = calloc(1, sizeof(tty_map_node));
|
tmn = xcalloc(sizeof(tty_map_node));
|
||||||
tmn->next = tty_map;
|
tmn->next = tty_map;
|
||||||
tty_map = tmn;
|
tty_map = tmn;
|
||||||
/* if we have a devfs type name such as /dev/tts/%d then strip the %d but
|
/* if we have a devfs type name such as /dev/tts/%d then strip the %d but
|
||||||
|
21
proc/ksym.c
21
proc/ksym.c
@ -20,6 +20,7 @@
|
|||||||
#include <sys/mman.h>
|
#include <sys/mman.h>
|
||||||
#include <sys/utsname.h>
|
#include <sys/utsname.h>
|
||||||
#include "procps.h"
|
#include "procps.h"
|
||||||
|
#include "alloc.h"
|
||||||
#include "version.h"
|
#include "version.h"
|
||||||
#include "sysinfo.h" /* smp_num_cpus */
|
#include "sysinfo.h" /* smp_num_cpus */
|
||||||
#include "wchan.h" // to verify prototypes
|
#include "wchan.h" // to verify prototypes
|
||||||
@ -230,8 +231,7 @@ static void read_file(const char *restrict filename, char **bufp, unsigned *rest
|
|||||||
unsigned room = *roomp;
|
unsigned room = *roomp;
|
||||||
|
|
||||||
if(!room) goto hell; /* failed before */
|
if(!room) goto hell; /* failed before */
|
||||||
if(!buf) buf = malloc(room);
|
if(!buf) buf = xmalloc(room);
|
||||||
if(!buf) goto hell;
|
|
||||||
open_again:
|
open_again:
|
||||||
fd = open(filename, O_RDONLY|O_NOCTTY|O_NONBLOCK);
|
fd = open(filename, O_RDONLY|O_NOCTTY|O_NONBLOCK);
|
||||||
if(fd<0){
|
if(fd<0){
|
||||||
@ -257,8 +257,7 @@ open_again:
|
|||||||
total += done;
|
total += done;
|
||||||
/* more to go, but no room in buffer */
|
/* more to go, but no room in buffer */
|
||||||
room *= 2;
|
room *= 2;
|
||||||
tmp = realloc(buf, room);
|
tmp = xrealloc(buf, room);
|
||||||
if(!tmp) goto hell;
|
|
||||||
buf = tmp;
|
buf = tmp;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@ -296,8 +295,7 @@ static int parse_ksyms(void) {
|
|||||||
for(;;){
|
for(;;){
|
||||||
void *vp;
|
void *vp;
|
||||||
idx_room *= 2;
|
idx_room *= 2;
|
||||||
vp = realloc(ksyms_index, sizeof(symb)*idx_room);
|
vp = xrealloc(ksyms_index, sizeof(symb)*idx_room);
|
||||||
if(!vp) goto bad_alloc;
|
|
||||||
ksyms_index = vp;
|
ksyms_index = vp;
|
||||||
bypass:
|
bypass:
|
||||||
for(;;){
|
for(;;){
|
||||||
@ -317,10 +315,6 @@ bypass:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(0){
|
|
||||||
bad_alloc:
|
|
||||||
fprintf(stderr, "Warning: not enough memory available\n");
|
|
||||||
}
|
|
||||||
if(0){
|
if(0){
|
||||||
bad_parse:
|
bad_parse:
|
||||||
fprintf(stderr, "Warning: "KSYMS_FILENAME" not normal\n");
|
fprintf(stderr, "Warning: "KSYMS_FILENAME" not normal\n");
|
||||||
@ -367,8 +361,7 @@ static int sysmap_mmap(const char *restrict const filename, message_fn message)
|
|||||||
for(;;){
|
for(;;){
|
||||||
void *vp;
|
void *vp;
|
||||||
sysmap_room *= 2;
|
sysmap_room *= 2;
|
||||||
vp = realloc(sysmap_index, sizeof(symb)*sysmap_room);
|
vp = xrealloc(sysmap_index, sizeof(symb)*sysmap_room);
|
||||||
if(!vp) goto bad_alloc;
|
|
||||||
sysmap_index = vp;
|
sysmap_index = vp;
|
||||||
for(;;){
|
for(;;){
|
||||||
char *vstart;
|
char *vstart;
|
||||||
@ -434,10 +427,6 @@ bad_version:
|
|||||||
message("Warning: %s has an incorrect kernel version.\n", filename);
|
message("Warning: %s has an incorrect kernel version.\n", filename);
|
||||||
}
|
}
|
||||||
if(0){
|
if(0){
|
||||||
bad_alloc:
|
|
||||||
message("Warning: not enough memory available\n");
|
|
||||||
}
|
|
||||||
if(0){
|
|
||||||
bad_parse:
|
bad_parse:
|
||||||
message("Warning: %s not parseable as a System.map\n", filename);
|
message("Warning: %s not parseable as a System.map\n", filename);
|
||||||
}
|
}
|
||||||
|
@ -65,7 +65,7 @@ char *group_from_gid(gid_t gid) {
|
|||||||
return((*g)->name);
|
return((*g)->name);
|
||||||
g = &(*g)->next;
|
g = &(*g)->next;
|
||||||
}
|
}
|
||||||
*g = (struct grpbuf *) malloc(sizeof(struct grpbuf));
|
*g = (struct grpbuf *) xmalloc(sizeof(struct grpbuf));
|
||||||
(*g)->gid = gid;
|
(*g)->gid = gid;
|
||||||
gr = getgrgid(gid);
|
gr = getgrgid(gid);
|
||||||
if (!gr || strlen(gr->gr_name) >= P_G_SZ)
|
if (!gr || strlen(gr->gr_name) >= P_G_SZ)
|
||||||
|
@ -345,7 +345,7 @@ ENTER(0x220);
|
|||||||
if (' ' == P->supgid[j])
|
if (' ' == P->supgid[j])
|
||||||
P->supgid[j] = ',';
|
P->supgid[j] = ',';
|
||||||
} else
|
} else
|
||||||
P->supgid = strdup("-");
|
P->supgid = xstrdup("-");
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
case_CapBnd:
|
case_CapBnd:
|
||||||
@ -402,7 +402,7 @@ static void supgrps_from_supgids (proc_t *p) {
|
|||||||
int t;
|
int t;
|
||||||
|
|
||||||
if (!p->supgid || '-' == *p->supgid) {
|
if (!p->supgid || '-' == *p->supgid) {
|
||||||
p->supgrp = strdup("-");
|
p->supgrp = xstrdup("-");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
s = p->supgid;
|
s = p->supgid;
|
||||||
@ -410,7 +410,7 @@ static void supgrps_from_supgids (proc_t *p) {
|
|||||||
do {
|
do {
|
||||||
if (',' == *s) ++s;
|
if (',' == *s) ++s;
|
||||||
g = group_from_gid((uid_t)strtol(s, &s, 10));
|
g = group_from_gid((uid_t)strtol(s, &s, 10));
|
||||||
p->supgrp = realloc(p->supgrp, P_G_SZ+t+2);
|
p->supgrp = xrealloc(p->supgrp, P_G_SZ+t+2);
|
||||||
t += snprintf(p->supgrp+t, P_G_SZ+2, "%s%s", t ? "," : "", g);
|
t += snprintf(p->supgrp+t, P_G_SZ+2, "%s%s", t ? "," : "", g);
|
||||||
} while (*s);
|
} while (*s);
|
||||||
}
|
}
|
||||||
@ -620,7 +620,7 @@ static char** vectorize_this_str (const char* src) {
|
|||||||
|
|
||||||
tot = strlen(src) + 1; // prep for our vectors
|
tot = strlen(src) + 1; // prep for our vectors
|
||||||
adj = (pSZ-1) - ((tot + pSZ-1) & (pSZ-1)); // calc alignment bytes
|
adj = (pSZ-1) - ((tot + pSZ-1) & (pSZ-1)); // calc alignment bytes
|
||||||
cpy = xcalloc(NULL, tot + adj + (2 * pSZ)); // get new larger buffer
|
cpy = xcalloc(tot + adj + (2 * pSZ)); // get new larger buffer
|
||||||
snprintf(cpy, tot, "%s", src); // duplicate their string
|
snprintf(cpy, tot, "%s", src); // duplicate their string
|
||||||
vec = (char**)(cpy + tot + adj); // prep pointer to pointers
|
vec = (char**)(cpy + tot + adj); // prep pointer to pointers
|
||||||
*vec = cpy; // point 1st vector to string
|
*vec = cpy; // point 1st vector to string
|
||||||
@ -1012,7 +1012,7 @@ proc_t* readproc(PROCTAB *restrict const PT, proc_t *restrict p) {
|
|||||||
// }
|
// }
|
||||||
|
|
||||||
saved_p = p;
|
saved_p = p;
|
||||||
if(!p) p = xcalloc(NULL, sizeof *p);
|
if(!p) p = xcalloc(sizeof *p);
|
||||||
else free_acquired(p, 1);
|
else free_acquired(p, 1);
|
||||||
|
|
||||||
for(;;){
|
for(;;){
|
||||||
@ -1041,7 +1041,7 @@ proc_t* readtask(PROCTAB *restrict const PT, const proc_t *restrict const p, pro
|
|||||||
proc_t *saved_t;
|
proc_t *saved_t;
|
||||||
|
|
||||||
saved_t = t;
|
saved_t = t;
|
||||||
if(!t) t = xcalloc(NULL, sizeof *t);
|
if(!t) t = xcalloc(sizeof *t);
|
||||||
else free_acquired(t, 1);
|
else free_acquired(t, 1);
|
||||||
|
|
||||||
// 1. got to fake a thread for old kernels
|
// 1. got to fake a thread for old kernels
|
||||||
@ -1098,7 +1098,7 @@ extern proc_t* readeither (PROCTAB *restrict const PT, proc_t *restrict x) {
|
|||||||
proc_t *saved_x, *ret;
|
proc_t *saved_x, *ret;
|
||||||
|
|
||||||
saved_x = x;
|
saved_x = x;
|
||||||
if (!x) x = xcalloc(NULL, sizeof(*x));
|
if (!x) x = xcalloc(sizeof(*x));
|
||||||
else free_acquired(x,1);
|
else free_acquired(x,1);
|
||||||
if (new_p) goto next_task;
|
if (new_p) goto next_task;
|
||||||
|
|
||||||
@ -1257,15 +1257,13 @@ proc_data_t *readproctab2(int(*want_proc)(proc_t *buf), int(*want_task)(proc_t *
|
|||||||
if(n_alloc == n_used){
|
if(n_alloc == n_used){
|
||||||
//proc_t *old = data;
|
//proc_t *old = data;
|
||||||
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
||||||
data = realloc(data,sizeof(proc_t)*n_alloc);
|
data = xrealloc(data,sizeof(proc_t)*n_alloc);
|
||||||
//if(!data) return NULL;
|
|
||||||
memset(data+n_used, 0, sizeof(proc_t)*(n_alloc-n_used));
|
memset(data+n_used, 0, sizeof(proc_t)*(n_alloc-n_used));
|
||||||
}
|
}
|
||||||
if(n_proc_alloc == n_proc){
|
if(n_proc_alloc == n_proc){
|
||||||
//proc_t **old = ptab;
|
//proc_t **old = ptab;
|
||||||
n_proc_alloc = n_proc_alloc*5/4+30; // grow by over 25%
|
n_proc_alloc = n_proc_alloc*5/4+30; // grow by over 25%
|
||||||
ptab = realloc(ptab,sizeof(proc_t*)*n_proc_alloc);
|
ptab = xrealloc(ptab,sizeof(proc_t*)*n_proc_alloc);
|
||||||
//if(!ptab) return NULL;
|
|
||||||
}
|
}
|
||||||
tmp = readproc_direct(PT, data+n_used);
|
tmp = readproc_direct(PT, data+n_used);
|
||||||
if(!tmp) break;
|
if(!tmp) break;
|
||||||
@ -1277,17 +1275,15 @@ proc_data_t *readproctab2(int(*want_proc)(proc_t *buf), int(*want_task)(proc_t *
|
|||||||
if(n_alloc == n_used){
|
if(n_alloc == n_used){
|
||||||
proc_t *old = data;
|
proc_t *old = data;
|
||||||
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
||||||
data = realloc(data,sizeof(proc_t)*n_alloc);
|
data = xrealloc(data,sizeof(proc_t)*n_alloc);
|
||||||
// have to move tmp too
|
// have to move tmp too
|
||||||
tmp = data+(tmp-old);
|
tmp = data+(tmp-old);
|
||||||
//if(!data) return NULL;
|
|
||||||
memset(data+n_used+1, 0, sizeof(proc_t)*(n_alloc-(n_used+1)));
|
memset(data+n_used+1, 0, sizeof(proc_t)*(n_alloc-(n_used+1)));
|
||||||
}
|
}
|
||||||
if(n_task_alloc == n_task){
|
if(n_task_alloc == n_task){
|
||||||
//proc_t **old = ttab;
|
//proc_t **old = ttab;
|
||||||
n_task_alloc = n_task_alloc*5/4+1; // grow by over 25%
|
n_task_alloc = n_task_alloc*5/4+1; // grow by over 25%
|
||||||
ttab = realloc(ttab,sizeof(proc_t*)*n_task_alloc);
|
ttab = xrealloc(ttab,sizeof(proc_t*)*n_task_alloc);
|
||||||
//if(!ttab) return NULL;
|
|
||||||
}
|
}
|
||||||
t = readtask_direct(PT, tmp, data+n_used);
|
t = readtask_direct(PT, tmp, data+n_used);
|
||||||
if(!t) break;
|
if(!t) break;
|
||||||
@ -1325,7 +1321,7 @@ proc_data_t *readproctab3 (int(*want_task)(proc_t *buf), PROCTAB *restrict const
|
|||||||
for (;;) {
|
for (;;) {
|
||||||
if (n_alloc == n_used) {
|
if (n_alloc == n_used) {
|
||||||
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
n_alloc = n_alloc*5/4+30; // grow by over 25%
|
||||||
tab = realloc(tab,sizeof(proc_t*)*n_alloc);
|
tab = xrealloc(tab,sizeof(proc_t*)*n_alloc);
|
||||||
}
|
}
|
||||||
// let this next guy allocate the necessary proc_t storage
|
// let this next guy allocate the necessary proc_t storage
|
||||||
// (or recycle it) since he can't tolerate realloc relocations
|
// (or recycle it) since he can't tolerate realloc relocations
|
||||||
|
@ -18,6 +18,7 @@
|
|||||||
|
|
||||||
#include "slab.h"
|
#include "slab.h"
|
||||||
#include "procps.h"
|
#include "procps.h"
|
||||||
|
#include "alloc.h"
|
||||||
|
|
||||||
#define SLABINFO_LINE_LEN 2048
|
#define SLABINFO_LINE_LEN 2048
|
||||||
#define SLABINFO_VER_LEN 100
|
#define SLABINFO_VER_LEN 100
|
||||||
@ -41,9 +42,7 @@ static struct slab_info *get_slabnode(void)
|
|||||||
node = free_index;
|
node = free_index;
|
||||||
free_index = free_index->next;
|
free_index = free_index->next;
|
||||||
} else {
|
} else {
|
||||||
node = malloc(sizeof(struct slab_info));
|
node = xmalloc(sizeof(struct slab_info));
|
||||||
if (!node)
|
|
||||||
perror("malloc");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return node;
|
return node;
|
||||||
|
@ -17,6 +17,7 @@
|
|||||||
|
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
#include "alloc.h"
|
||||||
#include "version.h"
|
#include "version.h"
|
||||||
#include "sysinfo.h" /* include self to verify prototypes */
|
#include "sysinfo.h" /* include self to verify prototypes */
|
||||||
|
|
||||||
@ -870,7 +871,7 @@ unsigned int getdiskstat(struct disk_stat **disks, struct partition_stat **parti
|
|||||||
}
|
}
|
||||||
fields = sscanf(buff, " %*d %*d %15s %*u %*u %*u %*u %*u %*u %*u %*u %*u %*u %u", devname, &dummy);
|
fields = sscanf(buff, " %*d %*d %15s %*u %*u %*u %*u %*u %*u %*u %*u %*u %*u %u", devname, &dummy);
|
||||||
if (fields == 2 && is_disk(devname)){
|
if (fields == 2 && is_disk(devname)){
|
||||||
(*disks) = realloc(*disks, (cDisk+1)*sizeof(struct disk_stat));
|
(*disks) = xrealloc(*disks, (cDisk+1)*sizeof(struct disk_stat));
|
||||||
sscanf(buff, " %*d %*d %15s %u %u %llu %u %u %u %llu %u %u %u %u",
|
sscanf(buff, " %*d %*d %15s %u %u %llu %u %u %u %llu %u %u %u %u",
|
||||||
//&disk_major,
|
//&disk_major,
|
||||||
//&disk_minor,
|
//&disk_minor,
|
||||||
@ -890,7 +891,7 @@ unsigned int getdiskstat(struct disk_stat **disks, struct partition_stat **parti
|
|||||||
(*disks)[cDisk].partitions=0;
|
(*disks)[cDisk].partitions=0;
|
||||||
cDisk++;
|
cDisk++;
|
||||||
}else{
|
}else{
|
||||||
(*partitions) = realloc(*partitions, (cPartition+1)*sizeof(struct partition_stat));
|
(*partitions) = xrealloc(*partitions, (cPartition+1)*sizeof(struct partition_stat));
|
||||||
fflush(stdout);
|
fflush(stdout);
|
||||||
sscanf(buff, (fields == 2)
|
sscanf(buff, (fields == 2)
|
||||||
? " %*d %*d %15s %u %*u %llu %*u %u %*u %llu %*u %*u %*u %*u"
|
? " %*d %*d %15s %u %*u %llu %*u %u %*u %llu %*u %*u %*u %*u"
|
||||||
@ -924,7 +925,7 @@ unsigned int getslabinfo (struct slab_cache **slab){
|
|||||||
while (fgets(buff,BUFFSIZE-1,fd)){
|
while (fgets(buff,BUFFSIZE-1,fd)){
|
||||||
if(!memcmp("slabinfo - version:",buff,19)) continue; // skip header
|
if(!memcmp("slabinfo - version:",buff,19)) continue; // skip header
|
||||||
if(*buff == '#') continue; // skip comments
|
if(*buff == '#') continue; // skip comments
|
||||||
(*slab) = realloc(*slab, (cSlab+1)*sizeof(struct slab_cache));
|
(*slab) = xrealloc(*slab, (cSlab+1)*sizeof(struct slab_cache));
|
||||||
sscanf(buff, "%47s %u %u %u %u", // allow 47; max seen is 24
|
sscanf(buff, "%47s %u %u %u %u", // allow 47; max seen is 24
|
||||||
(*slab)[cSlab].name,
|
(*slab)[cSlab].name,
|
||||||
&(*slab)[cSlab].active_objs,
|
&(*slab)[cSlab].active_objs,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user