From 0c6fe0fc88a075bb1c0b8d6dceac7f2c659c8a99 Mon Sep 17 00:00:00 2001 From: Peter Avalos Date: Sun, 14 Jan 2007 03:59:57 +0000 Subject: [PATCH] Protect malloc, realloc and free calls with INT{ON,OFF} directly in chkalloc, ckrealloc and ckfree (added), respectively. sh jumps out of the signal handler using longjmp which is obviously a bad idea during malloc calls. Use the ALIGN macro from instead of defining our own version in machdep.h. Delete machdep.h. Obtained-from: FreeBSD --- bin/sh/machdep.h | 53 ------------------- bin/sh/memalloc.c | 123 ++++++++++++++++++++++++++------------------- bin/sh/memalloc.h | 7 ++- bin/sh/nodes.c.pat | 6 +-- 4 files changed, 77 insertions(+), 112 deletions(-) delete mode 100644 bin/sh/machdep.h diff --git a/bin/sh/machdep.h b/bin/sh/machdep.h deleted file mode 100644 index 7ef78a4c52..0000000000 --- a/bin/sh/machdep.h +++ /dev/null @@ -1,53 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Kenneth Almquist. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)machdep.h 8.2 (Berkeley) 5/4/95 - * $FreeBSD: src/bin/sh/machdep.h,v 1.6 1999/08/27 23:15:15 peter Exp $ - * $DragonFly: src/bin/sh/Attic/machdep.h,v 1.2 2003/06/17 04:22:50 dillon Exp $ - */ - -/* - * Most machines require the value returned from malloc to be aligned - * in some way. The following macro will get this right on many machines. - */ - -#ifndef ALIGN -union align { - int i; - char *cp; -}; - -#define ALIGN(nbytes) (((nbytes) + sizeof(union align) - 1) & ~(sizeof(union align) - 1)) -#endif diff --git a/bin/sh/memalloc.c b/bin/sh/memalloc.c index 1f58e225a0..80c86b85be 100644 --- a/bin/sh/memalloc.c +++ b/bin/sh/memalloc.c @@ -34,15 +34,15 @@ * SUCH DAMAGE. * * @(#)memalloc.c 8.3 (Berkeley) 5/4/95 - * $FreeBSD: src/bin/sh/memalloc.c,v 1.15.2.2 2002/07/19 04:38:51 tjr Exp $ - * $DragonFly: src/bin/sh/memalloc.c,v 1.4 2004/01/28 16:25:29 joerg Exp $ + * $FreeBSD: src/bin/sh/memalloc.c,v 1.27 2005/10/28 10:45:19 stefanf Exp $ + * $DragonFly: src/bin/sh/memalloc.c,v 1.5 2007/01/14 03:59:57 pavalos Exp $ */ +#include #include "shell.h" #include "output.h" #include "memalloc.h" #include "error.h" -#include "machdep.h" #include "mystring.h" #include "expand.h" #include @@ -57,7 +57,10 @@ ckmalloc(int nbytes) { pointer p; - if ((p = malloc(nbytes)) == NULL) + INTOFF; + p = malloc(nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } @@ -70,11 +73,22 @@ ckmalloc(int nbytes) pointer ckrealloc(pointer p, int nbytes) { - if ((p = realloc(p, nbytes)) == NULL) + INTOFF; + p = realloc(p, nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } +void +ckfree(pointer p) +{ + INTOFF; + free(p); + INTON; +} + /* * Make a copy of a string in safe storage. @@ -96,27 +110,47 @@ savestr(const char *s) * to make this more efficient, and also to avoid all sorts of exception * handling code to handle interrupts in the middle of a parse. * - * The size 504 was chosen because the Ultrix malloc handles that size - * well. + * The size 496 was chosen because with 16-byte alignment the total size + * for the allocated block is 512. */ -#define MINSIZE 504 /* minimum size of a block */ +#define MINSIZE 496 /* minimum size of a block. */ struct stack_block { struct stack_block *prev; - char space[MINSIZE]; + /* Data follows */ }; +#define SPACE(sp) ((char*)(sp) + ALIGN(sizeof(struct stack_block))) -STATIC struct stack_block stackbase; -STATIC struct stack_block *stackp = &stackbase; +STATIC struct stack_block *stackp; STATIC struct stackmark *markp; -char *stacknxt = stackbase.space; -int stacknleft = MINSIZE; +char *stacknxt; +int stacknleft; int sstrnleft; int herefd = -1; +static void +stnewblock(int nbytes) +{ + struct stack_block *sp; + int allocsize; + + if (nbytes < MINSIZE) + nbytes = MINSIZE; + + allocsize = ALIGN(sizeof(struct stack_block)) + ALIGN(nbytes); + + INTOFF; + sp = ckmalloc(allocsize); + sp->prev = stackp; + stacknxt = SPACE(sp); + stacknleft = allocsize - (stacknxt - (char*)sp); + stackp = sp; + INTON; +} + pointer stalloc(int nbytes) @@ -124,22 +158,8 @@ stalloc(int nbytes) char *p; nbytes = ALIGN(nbytes); - if (nbytes > stacknleft) { - int blocksize; - struct stack_block *sp; - - blocksize = nbytes; - if (blocksize < MINSIZE) - blocksize = MINSIZE; - INTOFF; - sp = ckmalloc(sizeof(struct stack_block) - MINSIZE + - blocksize); - sp->prev = stackp; - stacknxt = sp->space; - stacknleft = blocksize; - stackp = sp; - INTON; - } + if (nbytes > stacknleft) + stnewblock(nbytes); p = stacknxt; stacknxt += nbytes; stacknleft -= nbytes; @@ -208,41 +228,40 @@ growstackblock(void) int oldlen; struct stack_block *sp; struct stack_block *oldstackp; + struct stackmark *xmark; - newlen = ALIGN(stacknleft * 2 + 100); + newlen = (stacknleft == 0) ? MINSIZE : stacknleft * 2 + 100; + newlen = ALIGN(newlen); oldspace = stacknxt; oldlen = stacknleft; - if (stacknxt == stackp->space && stackp != &stackbase) { + if (stackp != NULL && stacknxt == SPACE(stackp)) { INTOFF; oldstackp = stackp; - sp = stackp; - stackp = sp->prev; - sp = ckrealloc((pointer)sp, sizeof(struct stack_block) - - MINSIZE + newlen); + stackp = oldstackp->prev; + sp = ckrealloc((pointer)oldstackp, newlen); sp->prev = stackp; stackp = sp; - stacknxt = sp->space; - stacknleft = newlen; - { - /* Stack marks pointing to the start of the old block - * must be relocated to point to the new block - */ - struct stackmark *xmark; - xmark = markp; - while (xmark != NULL && xmark->stackp == oldstackp) { - xmark->stackp = stackp; - xmark->stacknxt = stacknxt; - xmark->stacknleft = stacknleft; - xmark = xmark->marknext; - } + stacknxt = SPACE(sp); + stacknleft = newlen - (stacknxt - (char*)sp); + + /* + * Stack marks pointing to the start of the old block + * must be relocated to point to the new block + */ + xmark = markp; + while (xmark != NULL && xmark->stackp == oldstackp) { + xmark->stackp = stackp; + xmark->stacknxt = stacknxt; + xmark->stacknleft = stacknleft; + xmark = xmark->marknext; } INTON; } else { p = stalloc(newlen); - memcpy(p, oldspace, oldlen); - stacknxt = p; /* free the space */ - stacknleft += newlen; /* we just allocated */ + if (oldlen != 0) + memcpy(p, oldspace, oldlen); + stunalloc(p); } } diff --git a/bin/sh/memalloc.h b/bin/sh/memalloc.h index 7c79ecc3a3..a56e76f122 100644 --- a/bin/sh/memalloc.h +++ b/bin/sh/memalloc.h @@ -34,8 +34,8 @@ * SUCH DAMAGE. * * @(#)memalloc.h 8.2 (Berkeley) 5/4/95 - * $FreeBSD: src/bin/sh/memalloc.h,v 1.6.2.2 2002/07/19 04:38:51 tjr Exp $ - * $DragonFly: src/bin/sh/memalloc.h,v 1.3 2004/01/28 16:25:29 joerg Exp $ + * $FreeBSD: src/bin/sh/memalloc.h,v 1.10 2005/10/28 10:45:19 stefanf Exp $ + * $DragonFly: src/bin/sh/memalloc.h,v 1.4 2007/01/14 03:59:57 pavalos Exp $ */ struct stackmark { @@ -53,6 +53,7 @@ extern int herefd; pointer ckmalloc(int); pointer ckrealloc(pointer, int); +void ckfree(pointer); char *savestr(const char *); pointer stalloc(int); void stunalloc(pointer); @@ -77,5 +78,3 @@ void ungrabstackstr(char *, char *); #define STTOPC(p) p[-1] #define STADJUST(amount, p) (p += (amount), sstrnleft -= (amount)) #define grabstackstr(p) stalloc(stackblocksize() - sstrnleft) - -#define ckfree(p) free((pointer)(p)) diff --git a/bin/sh/nodes.c.pat b/bin/sh/nodes.c.pat index 6adae73fb0..b92ca2cb0c 100644 --- a/bin/sh/nodes.c.pat +++ b/bin/sh/nodes.c.pat @@ -34,10 +34,11 @@ * SUCH DAMAGE. * * @(#)nodes.c.pat 8.2 (Berkeley) 5/4/95 - * $FreeBSD: src/bin/sh/nodes.c.pat,v 1.7.2.1 2002/07/19 04:38:52 tjr Exp $ - * $DragonFly: src/bin/sh/nodes.c.pat,v 1.3 2003/08/24 16:26:00 drhodus Exp $ + * $FreeBSD: src/bin/sh/nodes.c.pat,v 1.15 2004/04/06 20:06:51 markm Exp $ + * $DragonFly: src/bin/sh/nodes.c.pat,v 1.4 2007/01/14 03:59:57 pavalos Exp $ */ +#include #include /* * Routine for dealing with parsed shell commands. @@ -46,7 +47,6 @@ #include "shell.h" #include "nodes.h" #include "memalloc.h" -#include "machdep.h" #include "mystring.h" -- 2.41.0