diff mbox series

[v2] getaddrinfo: Get rid of alloca

Message ID 20230630143050.3334599-1-josimmon@redhat.com
State New
Headers show
Series [v2] getaddrinfo: Get rid of alloca | expand

Commit Message

Joe Simmons-Talbott June 30, 2023, 2:30 p.m. UTC
Use a scratch_buffer rather than alloca to avoid potential stack
overflow.
---
Changes to v1:
  * Don't use alloc_size but rather rely on * scratch_buffer_set_array_size's
    overflow checks.

 sysdeps/posix/getaddrinfo.c | 24 +++++++++---------------
 1 file changed, 9 insertions(+), 15 deletions(-)

Comments

Joe Simmons-Talbott Aug. 29, 2023, 2:56 p.m. UTC | #1
Ping.

On Fri, Jun 30, 2023 at 10:30:50AM -0400, Joe Simmons-Talbott wrote:
> Use a scratch_buffer rather than alloca to avoid potential stack
> overflow.
> ---
> Changes to v1:
>   * Don't use alloc_size but rather rely on * scratch_buffer_set_array_size's
>     overflow checks.
> 
>  sysdeps/posix/getaddrinfo.c | 24 +++++++++---------------
>  1 file changed, 9 insertions(+), 15 deletions(-)
> 
> diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
> index 0356b622be..be3b3f6e45 100644
> --- a/sysdeps/posix/getaddrinfo.c
> +++ b/sysdeps/posix/getaddrinfo.c
> @@ -2404,22 +2404,17 @@ getaddrinfo (const char *name, const char *service,
>        struct addrinfo *q;
>        struct addrinfo *last = NULL;
>        char *canonname = NULL;
> -      bool malloc_results;
> -      size_t alloc_size = nresults * (sizeof (*results) + sizeof (size_t));
> +      struct scratch_buffer buf;
> +      scratch_buffer_init (&buf);
>  
> -      malloc_results
> -	= !__libc_use_alloca (alloc_size);
> -      if (malloc_results)
> +      if (!scratch_buffer_set_array_size (&buf, nresults,
> +					  sizeof (*results) + sizeof (size_t)))
>  	{
> -	  results = malloc (alloc_size);
> -	  if (results == NULL)
> -	    {
> -	      __free_in6ai (in6ai);
> -	      return EAI_MEMORY;
> -	    }
> +	  __free_in6ai (in6ai);
> +	  return EAI_MEMORY;
>  	}
> -      else
> -	results = alloca (alloc_size);
> +      results = buf.data;
> +
>        order = (size_t *) (results + nresults);
>  
>        /* Now we definitely need the interface information.  */
> @@ -2590,8 +2585,7 @@ getaddrinfo (const char *name, const char *service,
>        /* Fill in the canonical name into the new first entry.  */
>        p->ai_canonname = canonname;
>  
> -      if (malloc_results)
> -	free (results);
> +      scratch_buffer_free (&buf);
>      }
>  
>    __free_in6ai (in6ai);
> -- 
> 2.39.2
>
Andreas Schwab Aug. 29, 2023, 3:09 p.m. UTC | #2
On Jun 30 2023, Joe Simmons-Talbott via Libc-alpha wrote:

> Use a scratch_buffer rather than alloca to avoid potential stack
> overflow.

Ok.
diff mbox series

Patch

diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index 0356b622be..be3b3f6e45 100644
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -2404,22 +2404,17 @@  getaddrinfo (const char *name, const char *service,
       struct addrinfo *q;
       struct addrinfo *last = NULL;
       char *canonname = NULL;
-      bool malloc_results;
-      size_t alloc_size = nresults * (sizeof (*results) + sizeof (size_t));
+      struct scratch_buffer buf;
+      scratch_buffer_init (&buf);
 
-      malloc_results
-	= !__libc_use_alloca (alloc_size);
-      if (malloc_results)
+      if (!scratch_buffer_set_array_size (&buf, nresults,
+					  sizeof (*results) + sizeof (size_t)))
 	{
-	  results = malloc (alloc_size);
-	  if (results == NULL)
-	    {
-	      __free_in6ai (in6ai);
-	      return EAI_MEMORY;
-	    }
+	  __free_in6ai (in6ai);
+	  return EAI_MEMORY;
 	}
-      else
-	results = alloca (alloc_size);
+      results = buf.data;
+
       order = (size_t *) (results + nresults);
 
       /* Now we definitely need the interface information.  */
@@ -2590,8 +2585,7 @@  getaddrinfo (const char *name, const char *service,
       /* Fill in the canonical name into the new first entry.  */
       p->ai_canonname = canonname;
 
-      if (malloc_results)
-	free (results);
+      scratch_buffer_free (&buf);
     }
 
   __free_in6ai (in6ai);