From: Patrick Steinhardt <ps@pks.im>
To: git@vger.kernel.org
Cc: Edward Thomson <ethomson@edwardthomson.com>,
Justin Tobler <jltobler@gmail.com>,
Junio C Hamano <gitster@pobox.com>
Subject: [PATCH v3 08/18] reftable/basics: stop using `st_mult()` in array allocators
Date: Mon, 03 Feb 2025 09:03:39 +0100 [thread overview]
Message-ID: <20250203-pks-reftable-drop-git-compat-util-v3-8-446c9ed4ee9e@pks.im> (raw)
In-Reply-To: <20250203-pks-reftable-drop-git-compat-util-v3-0-446c9ed4ee9e@pks.im>
We're using `st_mult()` as part of our macro helpers that allocate
arrays. This is bad due two two reasons:
- `st_mult()` causes us to die in case the multiplication overflows.
- `st_mult()` ties us to the Git codebase.
Refactor the code to instead detect overflows manually and return an
error in such cases.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
reftable/basics.h | 36 ++++++++++++++++++++++++++++++++----
1 file changed, 32 insertions(+), 4 deletions(-)
diff --git a/reftable/basics.h b/reftable/basics.h
index a2a010a0e1..646f8d67f2 100644
--- a/reftable/basics.h
+++ b/reftable/basics.h
@@ -117,18 +117,46 @@ void reftable_free(void *p);
void *reftable_calloc(size_t nelem, size_t elsize);
char *reftable_strdup(const char *str);
-#define REFTABLE_ALLOC_ARRAY(x, alloc) (x) = reftable_malloc(st_mult(sizeof(*(x)), (alloc)))
+static inline int reftable_alloc_size(size_t nelem, size_t elsize, size_t *out)
+{
+ if (nelem && elsize > SIZE_MAX / nelem)
+ return -1;
+ *out = nelem * elsize;
+ return 0;
+}
+
+#define REFTABLE_ALLOC_ARRAY(x, alloc) do { \
+ size_t alloc_size; \
+ if (reftable_alloc_size(sizeof(*(x)), (alloc), &alloc_size) < 0) { \
+ errno = ENOMEM; \
+ (x) = NULL; \
+ } else { \
+ (x) = reftable_malloc(alloc_size); \
+ } \
+ } while (0)
#define REFTABLE_CALLOC_ARRAY(x, alloc) (x) = reftable_calloc((alloc), sizeof(*(x)))
-#define REFTABLE_REALLOC_ARRAY(x, alloc) (x) = reftable_realloc((x), st_mult(sizeof(*(x)), (alloc)))
+#define REFTABLE_REALLOC_ARRAY(x, alloc) do { \
+ size_t alloc_size; \
+ if (reftable_alloc_size(sizeof(*(x)), (alloc), &alloc_size) < 0) { \
+ errno = ENOMEM; \
+ (x) = NULL; \
+ } else { \
+ (x) = reftable_realloc((x), alloc_size); \
+ } \
+ } while (0)
static inline void *reftable_alloc_grow(void *p, size_t nelem, size_t elsize,
size_t *allocp)
{
void *new_p;
- size_t alloc = *allocp * 2 + 1;
+ size_t alloc = *allocp * 2 + 1, alloc_bytes;
if (alloc < nelem)
alloc = nelem;
- new_p = reftable_realloc(p, st_mult(elsize, alloc));
+ if (reftable_alloc_size(elsize, alloc, &alloc_bytes) < 0) {
+ errno = ENOMEM;
+ return p;
+ }
+ new_p = reftable_realloc(p, alloc_bytes);
if (!new_p)
return p;
*allocp = alloc;
--
2.48.1.502.g6dc24dfdaf.dirty
next prev parent reply other threads:[~2025-02-03 8:03 UTC|newest]
Thread overview: 146+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-27 13:04 [PATCH 00/19] reftable: stop using "git-compat-util.h" Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 01/19] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-01-27 16:57 ` Justin Tobler
2025-01-28 8:06 ` Patrick Steinhardt
2025-01-28 17:05 ` Junio C Hamano
2025-01-29 7:29 ` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 02/19] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 03/19] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 04/19] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 05/19] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-01-27 17:36 ` Justin Tobler
2025-01-27 13:04 ` [PATCH 06/19] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-01-27 19:21 ` Justin Tobler
2025-01-27 13:04 ` [PATCH 07/19] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 08/19] reftable/basics: stop using `st_mult()` in array allocators Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 09/19] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 10/19] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 11/19] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 12/19] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 13/19] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 14/19] reftable/basics: stop using `UNUSED` annotation Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 15/19] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 16/19] compat/msvc: " Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 17/19] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-01-27 19:25 ` Justin Tobler
2025-01-27 13:04 ` [PATCH 18/19] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-01-27 13:04 ` [PATCH 19/19] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-01-27 17:44 ` [PATCH 00/19] reftable: stop using "git-compat-util.h" Junio C Hamano
2025-01-28 8:22 ` Patrick Steinhardt
2025-01-28 17:32 ` Junio C Hamano
2025-01-28 8:28 ` [PATCH v2 00/20] " Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 01/20] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 02/20] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 03/20] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 04/20] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-01-29 15:46 ` Justin Tobler
2025-02-03 8:40 ` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 05/20] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 06/20] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 07/20] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 08/20] reftable/basics: stop using `st_mult()` in array allocators Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 09/20] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 10/20] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 11/20] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 12/20] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 13/20] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 14/20] reftable/basics: stop using `UNUSED` annotation Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 15/20] compat: consistently resolve headers via project root Patrick Steinhardt
2025-01-29 7:50 ` Johannes Sixt
2025-01-29 14:23 ` Junio C Hamano
2025-02-03 8:40 ` Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 16/20] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 17/20] compat/msvc: " Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 18/20] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 19/20] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-01-28 8:28 ` [PATCH v2 20/20] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-01-28 22:48 ` [PATCH v2 00/20] reftable: stop using "git-compat-util.h" Junio C Hamano
2025-01-29 7:25 ` Patrick Steinhardt
2025-01-29 13:50 ` Junio C Hamano
2025-02-03 8:03 ` [PATCH v3 00/18] " Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 01/18] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 02/18] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 03/18] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 04/18] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 05/18] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 06/18] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 07/18] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-02-03 8:03 ` Patrick Steinhardt [this message]
2025-02-03 8:03 ` [PATCH v3 09/18] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 10/18] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 11/18] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 12/18] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 13/18] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 14/18] reftable/basics: stop using `UNUSED` annotation Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 15/18] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 16/18] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 17/18] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-02-03 8:03 ` [PATCH v3 18/18] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-02-06 4:04 ` [PATCH v3 00/18] reftable: stop using "git-compat-util.h" Justin Tobler
2025-02-06 7:52 ` [PATCH v4 " Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 01/18] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 02/18] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 03/18] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 04/18] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 05/18] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 06/18] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 07/18] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 08/18] reftable/basics: stop using `st_mult()` in array allocators Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 09/18] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 10/18] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 11/18] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 12/18] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 13/18] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 14/18] reftable/basics: stop using `UNUSED` annotation Patrick Steinhardt
2025-02-07 10:03 ` Toon Claes
2025-02-07 11:50 ` Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 15/18] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 16/18] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 17/18] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-02-06 7:52 ` [PATCH v4 18/18] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-02-07 11:51 ` [PATCH v5 00/18] reftable: stop using "git-compat-util.h" Patrick Steinhardt
2025-02-07 11:51 ` [PATCH v5 01/18] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-02-07 11:51 ` [PATCH v5 02/18] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-02-07 11:51 ` [PATCH v5 03/18] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-02-07 11:51 ` [PATCH v5 04/18] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 05/18] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 06/18] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 07/18] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 08/18] reftable/basics: stop using `st_mult()` in array allocators Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 09/18] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 10/18] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 11/18] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 12/18] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 13/18] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 14/18] reftable/basics: introduce `REFTABLE_UNUSED` annotation Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 15/18] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-02-09 13:14 ` Johannes Sixt
2025-02-10 15:50 ` Junio C Hamano
2025-02-13 18:22 ` Johannes Schindelin
2025-02-17 12:47 ` Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 16/18] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 17/18] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-02-07 11:52 ` [PATCH v5 18/18] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 00/18] reftable: stop using "git-compat-util.h" Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 01/18] reftable/stack: stop using `read_in_full()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 02/18] reftable/stack: stop using `write_in_full()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 03/18] reftable/blocksource: stop using `xmmap()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 04/18] reftable/record: stop using `COPY_ARRAY()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 05/18] reftable/record: stop using `BUG()` in `reftable_record_init()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 06/18] reftable/record: don't `BUG()` in `reftable_record_cmp()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 07/18] reftable: stop using `BUG()` in trivial cases Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 08/18] reftable/basics: stop using `st_mult()` in array allocators Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 09/18] reftable/basics: provide wrappers for big endian conversion Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 10/18] reftable/reader: stop using `ARRAY_SIZE()` macro Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 11/18] reftable/system: introduce `reftable_rand()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 12/18] reftable/stack: stop using `sleep_millisec()` Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 13/18] reftable/basics: stop using `SWAP()` macro Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 14/18] reftable/basics: introduce `REFTABLE_UNUSED` annotation Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 15/18] compat/mingw: split out POSIX-related bits Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 16/18] git-compat-util.h: split out POSIX-emulating bits Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 17/18] reftable: decouple from Git codebase by pulling in "compat/posix.h" Patrick Steinhardt
2025-02-18 9:20 ` [PATCH v6 18/18] Makefile: skip reftable library for Coccinelle Patrick Steinhardt
2025-02-18 18:55 ` [PATCH v6 00/18] reftable: stop using "git-compat-util.h" Junio C Hamano
2025-03-11 23:29 ` Junio C Hamano
2025-03-12 6:51 ` Patrick Steinhardt
2025-03-20 15:17 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250203-pks-reftable-drop-git-compat-util-v3-8-446c9ed4ee9e@pks.im \
--to=ps@pks.im \
--cc=ethomson@edwardthomson.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jltobler@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).