
Re: malloca, freea are not thread-safe


From: Bruno Haible
Subject: Re: malloca, freea are not thread-safe
Date: Sat, 03 Feb 2018 00:33:31 +0100
User-agent: KMail/5.1.3 (Linux/4.4.0-104-generic; KDE/5.18.0; x86_64; ; )

Hi Paul,

> > ! void
> >    freea (void *p)
> >    {
> > !   /* Determine whether p was a non-NULL pointer returned by mmalloca().  
> > */
> > !   if ((uintptr_t) p & sa_alignment_max)
> 
> This should be "((uintptr_t) p & (2 * sa_alignment_max - 1))", to make 
> it more likely that a runtime error is detected if a garbage pointer is 
> passed to freea.

Changing the 'if' condition will not actually detect anything. The function
will still behave according to the "garbage in - garbage out" principle.
But you are right, it is possible here to detect invalid arguments. So let's
do so:


2018-02-02  Bruno Haible  <address@hidden>

        malloca: Add an argument check.
        Suggested by Paul Eggert.
        * lib/malloca.c (freea): Check against an invalid argument.

diff --git a/lib/malloca.c b/lib/malloca.c
index 5741cba..c5321d1 100644
--- a/lib/malloca.c
+++ b/lib/malloca.c
@@ -78,6 +78,12 @@ mmalloca (size_t n)
 void
 freea (void *p)
 {
+  /* Check argument.  */
+  if ((uintptr_t) p & (sa_alignment_max - 1))
+    {
+      /* p was not the result of a malloca() call.  Invalid argument.  */
+      abort ();
+    }
   /* Determine whether p was a non-NULL pointer returned by mmalloca().  */
   if ((uintptr_t) p & sa_alignment_max)
     {
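Review bot: the mask in the new check, `sa_alignment_max - 1`, is the right one and not the `2 * sa_alignment_max - 1` proposed in the quoted reply: the condition tested immediately below it, `(uintptr_t) p & sa_alignment_max`, relies on that bit being set for every pointer mmalloca() returns, so the wider mask would make the new abort() fire on every legitimate heap-backed result. Since the two masks look interchangeable at a glance, the comment at `/* Check argument.  */` should say why the mask stops one bit below the tag bit. Also worth noting in that comment that NULL passes the new check (0 & mask is 0) and so still reaches the existing non-NULL test unchanged.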


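To make the bit scheme behind the two checks concrete, here is an added, self-contained C illustration; it is my own code, not gnulib's lib/malloca.c. The constant SA_ALIGNMENT_MAX, the header layout (the original malloc() pointer stored just before the returned block) and the demo_* names are assumptions made for the demo; only the two mask tests mirror the patch. Heap-backed blocks are placed so that the SA_ALIGNMENT_MAX bit of the address is set, stack-backed blocks are aligned to twice that, and the argument check rejects anything aligned to less than SA_ALIGNMENT_MAX. A final helper shows why the wider mask from the reply would misfire on heap-backed pointers.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed value for the demo (not gnulib's): the alignment every
   allocator result must satisfy.  The bit just above it is the tag
   that distinguishes heap-backed blocks from stack-backed ones.  */
#define SA_ALIGNMENT_MAX 16u

/* Heap-backed allocation.  The returned pointer is aligned to
   SA_ALIGNMENT_MAX but deliberately NOT to 2*SA_ALIGNMENT_MAX, so that
   (p & SA_ALIGNMENT_MAX) is nonzero.  The original malloc() pointer is
   stored in the word just before p so it can be recovered on free.  */
static void *
demo_mmalloca (size_t n)
{
  /* Room for alignment slack, the stored malloc pointer, the tag
     offset, and the n payload bytes.  */
  size_t total = n + 4 * SA_ALIGNMENT_MAX;
  char *raw = malloc (total);
  if (raw == NULL)
    return NULL;
  /* Round up past the header to a 2*SA_ALIGNMENT_MAX boundary, then
     step forward by SA_ALIGNMENT_MAX so the tag bit is set.  */
  uintptr_t u = (uintptr_t) raw + sizeof (void *) + 2 * SA_ALIGNMENT_MAX - 1;
  u &= ~(uintptr_t) (2 * SA_ALIGNMENT_MAX - 1);
  u += SA_ALIGNMENT_MAX;
  char *p = (char *) u;
  memcpy (p - sizeof (void *), &raw, sizeof raw);
  return p;
}

/* Returns 0 for a valid pointer (freeing it if heap-backed) and -1 for
   a pointer that could not have come from the allocator.  A real freea()
   would abort() at the -1 point, as the patch above does.  */
static int
demo_freea (void *p)
{
  /* Argument check: anything not aligned to SA_ALIGNMENT_MAX cannot be
     a stack-backed or heap-backed result.  */
  if ((uintptr_t) p & (SA_ALIGNMENT_MAX - 1))
    return -1;
  /* Tag test: heap-backed blocks carry the bit; stack-backed blocks
     (aligned to 2*SA_ALIGNMENT_MAX) and NULL fall through untouched.  */
  if ((uintptr_t) p & SA_ALIGNMENT_MAX)
    {
      void *raw;
      memcpy (&raw, (char *) p - sizeof (void *), sizeof raw);
      free (raw);
    }
  return 0;
}

/* Stand-in for an alloca() result: a buffer aligned to 2*SA_ALIGNMENT_MAX
   (constructed for the demo).  */
static _Alignas (2 * SA_ALIGNMENT_MAX) char stack_like[64];

/* Named scenarios so each outcome can be checked by value.  */
static int
check_heap_roundtrip (void)
{
  void *p = demo_mmalloca (100);
  if (p == NULL)
    return 0;
  int tagged = ((uintptr_t) p & SA_ALIGNMENT_MAX) != 0;
  memset (p, 0xAB, 100);          /* the payload is fully usable */
  return tagged && demo_freea (p) == 0;
}

static int check_stack_like (void) { return demo_freea (stack_like) == 0; }
static int check_null (void)       { return demo_freea (NULL) == 0; }
/* A misaligned garbage pointer is caught by the argument check.  */
static int check_garbage (void)    { return demo_freea (stack_like + 3) == -1; }

/* Why the mask stops at SA_ALIGNMENT_MAX - 1: the wider mask
   2*SA_ALIGNMENT_MAX - 1 flags every heap-backed pointer as garbage.  */
static int
check_wider_mask_rejects_heap (void)
{
  void *p = demo_mmalloca (8);
  if (p == NULL)
    return 0;
  int flagged = ((uintptr_t) p & (2 * SA_ALIGNMENT_MAX - 1)) != 0;
  demo_freea (p);
  return flagged;
}

int
main (void)
{
  printf ("heap roundtrip: %d\n", check_heap_roundtrip ());
  printf ("stack-like:     %d\n", check_stack_like ());
  printf ("NULL:           %d\n", check_null ());
  printf ("garbage caught: %d\n", check_garbage ());
  printf ("wider mask would reject heap pointers: %d\n",
          check_wider_mask_rejects_heap ());
  return 0;
}
```

The demo returns -1 instead of calling abort() so that the rejection path can be exercised in a test; in the real freea the abort is the point, since a misaligned pointer means either a caller bug or memory corruption, and continuing would only turn it into a silent double free or heap corruption later.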

