procps/proc/alloc.h
Qualys Security Advisory f1077b7a55 proc/alloc.*: Use size_t, not unsigned int.
Otherwise this can truncate sizes on 64-bit platforms, and is one of the
reasons the integer overflows in file2strvec() are exploitable at all.
Also: catch potential integer overflow in xstrdup() (should never
happen, but better safe than sorry), and use memcpy() instead of
strcpy() (faster).

Warnings:

- in glibc, realloc(ptr, 0) is equivalent to free(ptr), but not here,
  because of the ++size;

- here, xstrdup() can return NULL (if str is NULL), which goes against
  the idea of the xalloc wrappers.

We were tempted to call exit() or xerrx() in those cases, but decided
against it, because it might break things in unexpected places; TODO?
2018-05-19 07:32:21 +10:00

21 lines
509 B
C

#ifndef PROCPS_PROC_ALLOC_H
#define PROCPS_PROC_ALLOC_H
#include "procps.h"
EXTERN_C_BEGIN
typedef void (*message_fn)(const char *__restrict, ...) __attribute__((format(printf,1,2)));
/* change xalloc_err_handler to override the default fprintf(stderr... */
extern message_fn xalloc_err_handler;
extern void *xcalloc(size_t size) MALLOC;
extern void *xmalloc(size_t size) MALLOC;
extern void *xrealloc(void *oldp, size_t size) MALLOC;
extern char *xstrdup(const char *str) MALLOC;
EXTERN_C_END
#endif