* [PATCH] kexec: check size before trying the malloc
From: Zhang Yanfei @ 2013-03-13 17:16 UTC
To: Simon Horman; +Cc: kexec@lists.infradead.org
From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
If size is zero, it is unnecessary to do the malloc operation.
So checking size first is better than doing malloc first.
Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
---
kexec/kexec.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kexec/kexec.c b/kexec/kexec.c
index 3ef6f0d..494c5b3 100644
--- a/kexec/kexec.c
+++ b/kexec/kexec.c
@@ -76,9 +76,9 @@ static char *xstrdup(const char *str)
void *xmalloc(size_t size)
{
void *buf;
- buf = malloc(size);
if (!size)
return NULL;
+ buf = malloc(size);
if (!buf) {
die("Cannot malloc %ld bytes: %s\n",
size + 0UL, strerror(errno));
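Review bot: xmalloc() returning NULL for a zero size, at the `if (!size)` check, is undocumented, and nothing in the hunk tells callers that this allocator can hand back NULL without going through die(); a short comment above the function stating that contract would help. The commit message could also say that the old order discarded the result of malloc(0) without freeing it, which leaks wherever malloc(0) returns a non-null pointer, since that is the substantive effect of moving `buf = malloc(size);` below the check.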
--
1.7.1
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
* Re: [PATCH] kexec: check size before trying the malloc
From: Simon Horman @ 2013-03-14 8:37 UTC
To: Zhang Yanfei; +Cc: kexec@lists.infradead.org
On Thu, Mar 14, 2013 at 01:16:25AM +0800, Zhang Yanfei wrote:
> From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
>
> If size is zero, it is unnecessary to do the malloc operation.
> So checking size first is better than doing malloc first.
>
> Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
Thanks, applied.
> ---
> kexec/kexec.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/kexec/kexec.c b/kexec/kexec.c
> index 3ef6f0d..494c5b3 100644
> --- a/kexec/kexec.c
> +++ b/kexec/kexec.c
> @@ -76,9 +76,9 @@ static char *xstrdup(const char *str)
> void *xmalloc(size_t size)
> {
> void *buf;
> - buf = malloc(size);
> if (!size)
> return NULL;
> + buf = malloc(size);
> if (!buf) {
> die("Cannot malloc %ld bytes: %s\n",
> size + 0UL, strerror(errno));
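Review bot: in the context lines of this hunk, the die() call formats `size + 0UL` with `%ld`, but that expression has type unsigned long, so the conversion should be `%lu`; a very large size could otherwise be printed as a negative number. This is worth a follow-up patch while the function is being touched.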
> --
> 1.7.1
>
* Re: [PATCH] kexec: check size before trying the malloc
From: HATAYAMA Daisuke @ 2013-03-14 10:26 UTC
To: horms; +Cc: kexec, zhangyanfei.yes
From: Simon Horman <horms@verge.net.au>
Subject: Re: [PATCH] kexec: check size before trying the malloc
Date: Thu, 14 Mar 2013 09:37:03 +0100
> On Thu, Mar 14, 2013 at 01:16:25AM +0800, Zhang Yanfei wrote:
>> From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
>>
>> If size is zero, it is unnecessary to do the malloc operation.
>> So checking size first is better than doing malloc first.
>>
>> Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
>
> Thanks, applied.
>
Wait. The check should not be removed.
The behaviour when malloc() receives 0 as size is
implementation-defined. man malloc explains this:
    cannot be allocated, a null pointer shall be returned. If
    the size of the space requested is 0, the behavior is
    implementation-defined: the value returned shall be either a
    null pointer or a unique pointer.

For example, on a Fedora 18 environment, malloc returns some object as
follows:

    $ cat ./test.c
    #include <stdio.h>
    #include <stdlib.h>

    int main(void)
    {
        printf("%p\n", malloc(0));
        return 0;
    }
    $ gcc ./test.c -o test
    $ ./test
    0x1451010
    $ rpm -qa | grep glibc
    glibc-2.16-28.fc18.x86_64

Normally, an object returned by an allocator consists of a header part
plus a data part. This returned size might have a header part only, I'm
not sure. The programmer usually expects the size to be positive, so this
bug typically leads to a buffer overrun.

Anyway, it must be an abnormal case when 0 is passed to malloc() as
size. As explained in the patch description, it's best if it's possible to
check the size before calling malloc(). But it's impossible to make
sure that everyone does that; so bugs happen. There's no reason to
remove the zero check.
Thanks.
HATAYAMA, Daisuke
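
What the reorder changes on a libc where `malloc(0)` returns a unique pointer, as an added example (not code from this thread or from kexec-tools). `shim_malloc`, `live_allocs`, `xmalloc_before`, `xmalloc_after` and `leaked_after_call` are hypothetical names, and `abort()` stands in for `die()`.

```c
#include <stdio.h>
#include <stdlib.h>
/* Assumption: models a libc whose malloc(0) returns a unique pointer. */
static int live_allocs;         /* allocations not yet freed */
static void *shim_malloc(size_t size)
{
    void *p = malloc(size ? size : 1);
    live_allocs += (p != NULL);
    return p;
}

/* Order before the patch: allocate first, then test size. */
static void *xmalloc_before(size_t size)
{
    void *buf = shim_malloc(size);
    if (!size)
        return NULL;            /* buf is dropped without free() */
    if (!buf)
        abort();                /* stands in for die() */
    return buf;
}

/* Order after the patch: test size first, then allocate. */
static void *xmalloc_after(size_t size)
{
    if (!size)
        return NULL;
    void *buf = shim_malloc(size);
    if (!buf)
        abort();
    return buf;
}

/* Allocations still live after one call whose result the caller frees. */
static int leaked_after_call(void *(*alloc)(size_t), size_t size)
{
    live_allocs = 0;
    void *p = alloc(size);
    live_allocs -= (p != NULL);
    free(p);
    return live_allocs;
}

int main(void)
{
    printf("size 0 leaks: before=%d after=%d\n",
           leaked_after_call(xmalloc_before, 0), leaked_after_call(xmalloc_after, 0));
    return 0;
}
```

Both versions return NULL to the caller for a zero size; the difference is only whether an allocation was made and abandoned first.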
* Re: [PATCH] kexec: check size before trying the malloc
From: HATAYAMA Daisuke @ 2013-03-14 10:30 UTC
To: horms; +Cc: kexec, zhangyanfei.yes
From: HATAYAMA Daisuke <d.hatayama@jp.fujitsu.com>
Subject: Re: [PATCH] kexec: check size before trying the malloc
Date: Thu, 14 Mar 2013 19:26:10 +0900
> From: Simon Horman <horms@verge.net.au>
> Subject: Re: [PATCH] kexec: check size before trying the malloc
> Date: Thu, 14 Mar 2013 09:37:03 +0100
>
>> On Thu, Mar 14, 2013 at 01:16:25AM +0800, Zhang Yanfei wrote:
>>> From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
>>>
>>> If size is zero, it is unnecessary to do the malloc operation.
>>> So checking size first is better than doing malloc first.
>>>
>>> Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
>>
>> Thanks, applied.
>>
>
> Wait. The check should not be removed.
Sorry, the Android screen is so small that I wrongly read the patch. I
have no objection.
Thanks.
HATAYAMA, Daisuke