From: Max Reitz <mreitz@redhat.com>
To: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Cc: kwolf@redhat.com, stefanha@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 2/4] block: Use g_new() & friends to avoid multiplying sizes
Date: Mon, 18 Aug 2014 18:48:59 +0200 [thread overview]
Message-ID: <53F22E7B.6090503@redhat.com> (raw)
In-Reply-To: <1408378243-19713-3-git-send-email-armbru@redhat.com>
On 18.08.2014 18:10, Markus Armbruster wrote:
> g_new(T, n) is safer than g_malloc(sizeof(*v) * n) for two reasons.
> One, it catches multiplication overflowing size_t. Two, it returns
> T * rather than void *, which lets the compiler catch more type
> errors.
>
> Perhaps a conversion to g_malloc_n() would be neater in places, but
> that's merely four years old, and we can't use such newfangled stuff.
>
> This commit only touches allocations with size arguments of the form
> sizeof(T), plus two that use 4 instead of sizeof(uint32_t). We can
> make the others safe by converting to g_malloc_n() when it becomes
> available to us in a couple of years.
>
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
> block/bochs.c | 2 +-
> block/parallels.c | 2 +-
> block/qcow2-cache.c | 2 +-
> block/qed-check.c | 3 +--
> block/rbd.c | 2 +-
> block/sheepdog.c | 2 +-
> hw/block/nvme.c | 8 ++++----
> qemu-io-cmds.c | 10 +++++-----
> 8 files changed, 15 insertions(+), 16 deletions(-)
[snip]
> diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c
> index 3a1e11e..afd8867 100644
> --- a/qemu-io-cmds.c
> +++ b/qemu-io-cmds.c
> @@ -29,7 +29,7 @@ static int compare_cmdname(const void *a, const void *b)
>
> void qemuio_add_command(const cmdinfo_t *ci)
> {
> - cmdtab = g_realloc(cmdtab, ++ncmds * sizeof(*cmdtab));
> + cmdtab = g_renew(cmdinfo_t, cmdtab, ++ncmds);
> cmdtab[ncmds - 1] = *ci;
> qsort(cmdtab, ncmds, sizeof(*cmdtab), compare_cmdname);
> }
> @@ -122,7 +122,7 @@ static char **breakline(char *input, int *count)
> continue;
> }
> c++;
> - tmp = g_realloc(rval, sizeof(*rval) * (c + 1));
> + tmp = g_renew(char *, rval, (c + 1));
> if (!tmp) {
> g_free(rval);
> rval = NULL;
Not really relevant for this patch, but: g_renew() never returns NULL if
n_structs (c + 1) is non-zero, does it? So this if block here should be
unnecessary, I think.
Anyway:
Reviewed-by: Max Reitz <mreitz@redhat.com>
next prev parent reply other threads:[~2014-08-18 16:49 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-18 16:10 [Qemu-devel] [PATCH v2 0/4] block: Use g_new() & friends more Markus Armbruster
2014-08-18 16:10 ` [Qemu-devel] [PATCH v2 1/4] block: Use g_new() & friends where that makes obvious sense Markus Armbruster
2014-08-18 16:35 ` Max Reitz
2014-08-18 19:43 ` Jeff Cody
2014-08-18 16:10 ` [Qemu-devel] [PATCH v2 2/4] block: Use g_new() & friends to avoid multiplying sizes Markus Armbruster
2014-08-18 16:48 ` Max Reitz [this message]
2014-08-18 19:57 ` Jeff Cody
2014-08-18 16:10 ` [Qemu-devel] [PATCH v2 3/4] qemu-io-cmds: g_renew() can't fail, bury dead error handling Markus Armbruster
2014-08-18 16:50 ` Max Reitz
2014-08-18 19:59 ` Jeff Cody
2014-08-18 16:10 ` [Qemu-devel] [PATCH v2 4/4] block: Drop some superfluous casts from void * Markus Armbruster
2014-08-18 16:58 ` Max Reitz
2014-08-19 7:10 ` Markus Armbruster
2014-08-18 20:06 ` Jeff Cody
2014-08-19 7:10 ` Markus Armbruster
2014-08-19 8:33 ` Markus Armbruster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53F22E7B.6090503@redhat.com \
--to=mreitz@redhat.com \
--cc=armbru@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).