library: exploit enhanced library memory allocation provisions

There were numerous library memory allocation inconsistencies. Some were checked for failure and others were not. All library source modules were modified to utilize the alloc.h memory rouines which are consistent in dealing with errors.
2011-12-02 17:17:02 -06:00 · 2011-12-02 17:17:02 -06:00 · 827334870d
commit 827334870d
parent 7126cc4491
6 changed files with 26 additions and 40 deletions
--- a/proc/devname.c
+++ b/proc/devname.c
@ -18,6 +18,7 @@
 #include <unistd.h>
 #include "version.h"
 #include "devname.h"
 #include "alloc.h"
 // This is the buffer size for a tty name. Any path is legal,
 // which makes PAGE_SIZE appropriate (see kernel source), but
@ -75,7 +76,7 @@ static void load_drivers(void){
    end = strchr(p, ' ');
    if(!end) continue;
    len = end - p;
-    tmn = calloc(1, sizeof(tty_map_node));
+    tmn = xcalloc(sizeof(tty_map_node));
    tmn->next = tty_map;
    tty_map = tmn;
    /* if we have a devfs type name such as /dev/tts/%d then strip the %d but
--- a/proc/ksym.c
+++ b/proc/ksym.c
@ -20,6 +20,7 @@
 #include <sys/mman.h>
 #include <sys/utsname.h>
 #include "procps.h"
 #include "alloc.h"
 #include "version.h"
 #include "sysinfo.h" /* smp_num_cpus */
 #include "wchan.h"  // to verify prototypes
@ -230,8 +231,7 @@ static void read_file(const char *restrict filename, char **bufp, unsigned *rest
  unsigned room = *roomp;
  if(!room) goto hell;     /* failed before */
-  if(!buf) buf = malloc(room);
+  if(!buf) buf = xmalloc(room);
  if(!buf) goto hell;
 open_again:
  fd = open(filename, O_RDONLY|O_NOCTTY|O_NONBLOCK);
  if(fd<0){
@ -257,8 +257,7 @@ open_again:
      total += done;
      /* more to go, but no room in buffer */
      room *= 2;
-      tmp = realloc(buf, room);
+      tmp = xrealloc(buf, room);
      if(!tmp) goto hell;
      buf = tmp;
      continue;
    }
@ -296,8 +295,7 @@ static int parse_ksyms(void) {
  for(;;){
    void *vp;
    idx_room *= 2;
-    vp = realloc(ksyms_index, sizeof(symb)*idx_room);
+    vp = xrealloc(ksyms_index, sizeof(symb)*idx_room);
    if(!vp) goto bad_alloc;
    ksyms_index = vp;
 bypass:
    for(;;){
@ -317,10 +315,6 @@ bypass:
    }
  }
  if(0){
 bad_alloc:
    fprintf(stderr, "Warning: not enough memory available\n");
  }
  if(0){
 bad_parse:
    fprintf(stderr, "Warning: "KSYMS_FILENAME" not normal\n");
@ -367,8 +361,7 @@ static int sysmap_mmap(const char *restrict const filename, message_fn message)
  for(;;){
    void *vp;
    sysmap_room *= 2;
-    vp = realloc(sysmap_index, sizeof(symb)*sysmap_room);
+    vp = xrealloc(sysmap_index, sizeof(symb)*sysmap_room);
    if(!vp) goto bad_alloc;
    sysmap_index = vp;
    for(;;){
      char *vstart;
@ -434,10 +427,6 @@ bad_version:
    message("Warning: %s has an incorrect kernel version.\n", filename);
  }
  if(0){
 bad_alloc:
    message("Warning: not enough memory available\n");
  }
  if(0){
 bad_parse:
    message("Warning: %s not parseable as a System.map\n", filename);
  }
--- a/proc/pwcache.c
+++ b/proc/pwcache.c
@ -65,7 +65,7 @@ char *group_from_gid(gid_t gid) {
            return((*g)->name);
        g = &(*g)->next;
    }
-    *g = (struct grpbuf *) malloc(sizeof(struct grpbuf));
+    *g = (struct grpbuf *) xmalloc(sizeof(struct grpbuf));
    (*g)->gid = gid;
    gr = getgrgid(gid);
    if (!gr || strlen(gr->gr_name) >= P_G_SZ)
--- a/proc/readproc.c
+++ b/proc/readproc.c
@ -345,7 +345,7 @@ ENTER(0x220);
                if (' '  == P->supgid[j])
                    P->supgid[j] = ',';
        } else
-            P->supgid = strdup("-");
+            P->supgid = xstrdup("-");
        continue;
    }
    case_CapBnd:
@ -402,7 +402,7 @@ static void supgrps_from_supgids (proc_t *p) {
    int t;
    if (!p->supgid || '-' == *p->supgid) {
-        p->supgrp = strdup("-");
+        p->supgrp = xstrdup("-");
        return;
    }
    s = p->supgid;
@ -410,7 +410,7 @@ static void supgrps_from_supgids (proc_t *p) {
    do {
        if (',' == *s) ++s;
        g = group_from_gid((uid_t)strtol(s, &s, 10));
-        p->supgrp = realloc(p->supgrp, P_G_SZ+t+2);
+        p->supgrp = xrealloc(p->supgrp, P_G_SZ+t+2);
        t += snprintf(p->supgrp+t, P_G_SZ+2, "%s%s", t ? "," : "", g);
    } while (*s);
 }
@ -620,7 +620,7 @@ static char** vectorize_this_str (const char* src) {
    tot = strlen(src) + 1;                       // prep for our vectors
    adj = (pSZ-1) - ((tot + pSZ-1) & (pSZ-1));   // calc alignment bytes
-    cpy = xcalloc(NULL, tot + adj + (2 * pSZ));  // get new larger buffer
+    cpy = xcalloc(tot + adj + (2 * pSZ));        // get new larger buffer
    snprintf(cpy, tot, "%s", src);               // duplicate their string
    vec = (char**)(cpy + tot + adj);             // prep pointer to pointers
    *vec = cpy;                                  // point 1st vector to string
@ -1012,7 +1012,7 @@ proc_t* readproc(PROCTAB *restrict const PT, proc_t *restrict p) {
 //  }
  saved_p = p;
-  if(!p) p = xcalloc(NULL, sizeof *p);
+  if(!p) p = xcalloc(sizeof *p);
  else free_acquired(p, 1);
  for(;;){
@ -1041,7 +1041,7 @@ proc_t* readtask(PROCTAB *restrict const PT, const proc_t *restrict const p, pro
  proc_t *saved_t;
  saved_t = t;
-  if(!t) t = xcalloc(NULL, sizeof *t);
+  if(!t) t = xcalloc(sizeof *t);
  else free_acquired(t, 1);
  // 1. got to fake a thread for old kernels
@ -1098,7 +1098,7 @@ extern proc_t* readeither (PROCTAB *restrict const PT, proc_t *restrict x) {
    proc_t *saved_x, *ret;
    saved_x = x;
-    if (!x) x = xcalloc(NULL, sizeof(*x));
+    if (!x) x = xcalloc(sizeof(*x));
    else free_acquired(x,1);
    if (new_p) goto next_task;
@ -1257,15 +1257,13 @@ proc_data_t *readproctab2(int(*want_proc)(proc_t *buf), int(*want_task)(proc_t *
        if(n_alloc == n_used){
          //proc_t *old = data;
          n_alloc = n_alloc*5/4+30;  // grow by over 25%
-          data = realloc(data,sizeof(proc_t)*n_alloc);
+          data = xrealloc(data,sizeof(proc_t)*n_alloc);
          //if(!data) return NULL;
          memset(data+n_used, 0, sizeof(proc_t)*(n_alloc-n_used));
        }
        if(n_proc_alloc == n_proc){
          //proc_t **old = ptab;
          n_proc_alloc = n_proc_alloc*5/4+30;  // grow by over 25%
-          ptab = realloc(ptab,sizeof(proc_t*)*n_proc_alloc);
+          ptab = xrealloc(ptab,sizeof(proc_t*)*n_proc_alloc);
          //if(!ptab) return NULL;
        }
        tmp = readproc_direct(PT, data+n_used);
        if(!tmp) break;
@ -1277,17 +1275,15 @@ proc_data_t *readproctab2(int(*want_proc)(proc_t *buf), int(*want_task)(proc_t *
          if(n_alloc == n_used){
            proc_t *old = data;
            n_alloc = n_alloc*5/4+30;  // grow by over 25%
-            data = realloc(data,sizeof(proc_t)*n_alloc);
+            data = xrealloc(data,sizeof(proc_t)*n_alloc);
            // have to move tmp too
            tmp = data+(tmp-old);
            //if(!data) return NULL;
            memset(data+n_used+1, 0, sizeof(proc_t)*(n_alloc-(n_used+1)));
          }
          if(n_task_alloc == n_task){
            //proc_t **old = ttab;
            n_task_alloc = n_task_alloc*5/4+1;  // grow by over 25%
-            ttab = realloc(ttab,sizeof(proc_t*)*n_task_alloc);
+            ttab = xrealloc(ttab,sizeof(proc_t*)*n_task_alloc);
            //if(!ttab) return NULL;
          }
          t = readtask_direct(PT, tmp, data+n_used);
          if(!t) break;
@ -1325,7 +1321,7 @@ proc_data_t *readproctab3 (int(*want_task)(proc_t *buf), PROCTAB *restrict const
    for (;;) {
        if (n_alloc == n_used) {
            n_alloc = n_alloc*5/4+30;  // grow by over 25%
-            tab = realloc(tab,sizeof(proc_t*)*n_alloc);
+            tab = xrealloc(tab,sizeof(proc_t*)*n_alloc);
        }
        // let this next guy allocate the necessary proc_t storage
        // (or recycle it) since he can't tolerate realloc relocations
--- a/proc/slab.c
+++ b/proc/slab.c
@ -18,6 +18,7 @@
 #include "slab.h"
 #include "procps.h"
 #include "alloc.h"
 #define SLABINFO_LINE_LEN	2048
 #define SLABINFO_VER_LEN	100
@ -41,9 +42,7 @@ static struct slab_info *get_slabnode(void)
 		node = free_index;
 		free_index = free_index->next;
 	} else {
-		node = malloc(sizeof(struct slab_info));
+		node = xmalloc(sizeof(struct slab_info));
 		if (!node)
 			perror("malloc");
 	}
 	return node;
--- a/proc/sysinfo.c
+++ b/proc/sysinfo.c
@ -17,6 +17,7 @@
 #include <unistd.h>
 #include <fcntl.h>
 #include "alloc.h"
 #include "version.h"
 #include "sysinfo.h" /* include self to verify prototypes */
@ -870,7 +871,7 @@ unsigned int getdiskstat(struct disk_stat **disks, struct partition_stat **parti
    }
    fields = sscanf(buff, " %*d %*d %15s %*u %*u %*u %*u %*u %*u %*u %*u %*u %*u %u", devname, &dummy);
    if (fields == 2 && is_disk(devname)){
-      (*disks) = realloc(*disks, (cDisk+1)*sizeof(struct disk_stat));
+      (*disks) = xrealloc(*disks, (cDisk+1)*sizeof(struct disk_stat));
      sscanf(buff,  "   %*d    %*d %15s %u %u %llu %u %u %u %llu %u %u %u %u",
        //&disk_major,
        //&disk_minor,
@ -890,7 +891,7 @@ unsigned int getdiskstat(struct disk_stat **disks, struct partition_stat **parti
        (*disks)[cDisk].partitions=0;
      cDisk++;
    }else{
-      (*partitions) = realloc(*partitions, (cPartition+1)*sizeof(struct partition_stat));
+      (*partitions) = xrealloc(*partitions, (cPartition+1)*sizeof(struct partition_stat));
      fflush(stdout);
      sscanf(buff,  (fields == 2)
          ? "   %*d    %*d %15s %u %*u %llu %*u %u %*u %llu %*u %*u %*u %*u"
@ -924,7 +925,7 @@ unsigned int getslabinfo (struct slab_cache **slab){
  while (fgets(buff,BUFFSIZE-1,fd)){
    if(!memcmp("slabinfo - version:",buff,19)) continue; // skip header
    if(*buff == '#')                           continue; // skip comments
-    (*slab) = realloc(*slab, (cSlab+1)*sizeof(struct slab_cache));
+    (*slab) = xrealloc(*slab, (cSlab+1)*sizeof(struct slab_cache));
    sscanf(buff,  "%47s %u %u %u %u",  // allow 47; max seen is 24
      (*slab)[cSlab].name,
      &(*slab)[cSlab].active_objs,