From: Shawn Routhier <sar@isc.org>
Date: Wed, 27 Jul 2016 17:41:26 +0000 (-0700)
Subject: [master] Update dmalloc to use a size_t as an argument
X-Git-Tag: v4_3_5b1~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=10b7683e586b8462c17bc766be8cb8322c227abc;p=thirdparty%2Fdhcp.git

[master] Update dmalloc to use a size_t as an argument

Update dmalloc to use a size_t as an argument which will
bring it in line with the call it makes to malloc and
avoid possible truncation.
---

diff --git a/RELNOTES b/RELNOTES
index 4d523494e..c11458f4a 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -117,6 +117,10 @@ by Eric Young (eay@cryptsoft.com).
   verify the problem and fix.
   [ISC-Bugs #42849]
 
+- Change dmalloc to use a size_t as the length argument to bring it
+  in line with the call it will make to malloc().
+  [ISC-Bugs #40843]
+
 			Changes since 4.3.4b1
 
 - None
diff --git a/common/tests/test_alloc.c b/common/tests/test_alloc.c
index a17a61e51..07d6e6c04 100644
--- a/common/tests/test_alloc.c
+++ b/common/tests/test_alloc.c
@@ -26,6 +26,7 @@
 #include "config.h"
 #include <atf-c.h>
 #include "dhcpd.h"
+#include "omapip/alloc.h"
 
 static const char* checkString (struct data_string* ds, const char *src);
 
@@ -539,6 +540,85 @@ ATF_TC_BODY(data_string_terminate, tc) {
     data_string_forget(&new_string, MDL);
 }
 
+void checkBuffer(size_t test_size, const char *file, int line) {
+    char *buf;
+    size_t max_size;
+    /* Determine the maximum size we may have
+     * Depending on configuration options we may be adding some
+     * space to the allocated buffer for debugging purposes
+     * so remove that as well.
+     */
+    max_size = ((size_t)-1) - DMDSIZE;
+
+    if (test_size > max_size) {
+	atf_tc_skip("Test size greater than max size, %lx", test_size);
+	return;
+    }
+
+    /* We allocate the buffer and then try to set the last character
+     * to a known value.
+     */
+    buf = dmalloc(test_size, file, line);
+    if (buf != NULL) {
+	buf[test_size - 1] = 1;
+	if (buf[test_size - 1] != 1)
+	    atf_tc_fail("Value mismatch for index %lu", test_size);
+	dfree(buf, file, line);
+    } else {
+	atf_tc_skip("Unable to allocate memory %lu", test_size);
+    }
+}
+
+ATF_TC(dmalloc_max32);
+
+ATF_TC_HEAD(dmalloc_max32, tc) {
+    atf_tc_set_md_var(tc, "descr", "dmalloc_max32 test, "
+		      "dmalloc 0xFFFFFFFF");
+}
+ATF_TC_BODY(dmalloc_max32, tc) {
+    checkBuffer(0XFFFFFFFF, MDL);
+}
+
+ATF_TC(dmalloc_med1);
+
+ATF_TC_HEAD(dmalloc_med1, tc) {
+    atf_tc_set_md_var(tc, "descr", "dmalloc_med1 test, "
+		      "dmalloc 0x80000000,");
+}
+ATF_TC_BODY(dmalloc_med1, tc) {
+    checkBuffer(0x80000000, MDL);
+}
+
+ATF_TC(dmalloc_med2);
+
+ATF_TC_HEAD(dmalloc_med2, tc) {
+    atf_tc_set_md_var(tc, "descr", "dmalloc_med2 test, "
+		      "dmalloc 0x7FFFFFFF, ");
+}
+ATF_TC_BODY(dmalloc_med2, tc) {
+    checkBuffer(0x7FFFFFFF,  MDL);
+}
+
+ATF_TC(dmalloc_med3);
+
+ATF_TC_HEAD(dmalloc_med3, tc) {
+    atf_tc_set_md_var(tc, "descr", "dmalloc_med3 test, "
+		      "dmalloc 0x10000000,");
+}
+ATF_TC_BODY(dmalloc_med3, tc) {
+    checkBuffer(0x10000000, MDL);
+}
+
+ATF_TC(dmalloc_small);
+
+ATF_TC_HEAD(dmalloc_small, tc) {
+    atf_tc_set_md_var(tc, "descr", "dmalloc_small test, "
+		      "dmalloc 0x0FFFFFFF");
+}
+ATF_TC_BODY(dmalloc_small, tc) {
+    checkBuffer(0X0FFFFFFF, MDL);
+}
+
 ATF_TP_ADD_TCS(tp)
 {
     ATF_TP_ADD_TC(tp, buffer_allocate);
@@ -550,6 +630,11 @@ ATF_TP_ADD_TCS(tp)
     ATF_TP_ADD_TC(tp, data_string_copy_nobuf);
     ATF_TP_ADD_TC(tp, data_string_new);
     ATF_TP_ADD_TC(tp, data_string_terminate);
+    ATF_TP_ADD_TC(tp, dmalloc_max32);
+    ATF_TP_ADD_TC(tp, dmalloc_med1);
+    ATF_TP_ADD_TC(tp, dmalloc_med2);
+    ATF_TP_ADD_TC(tp, dmalloc_med3);
+    ATF_TP_ADD_TC(tp, dmalloc_small);
 
     return (atf_no_error());
 }
diff --git a/includes/omapip/omapip.h b/includes/omapip/omapip.h
index afa9fd487..e7b472031 100644
--- a/includes/omapip/omapip.h
+++ b/includes/omapip/omapip.h
@@ -3,7 +3,7 @@
    Definitions for the object management API and protocol... */
 
 /*
- * Copyright (c) 2009,2013-2014 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2009,2013-2014,2016 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 2004,2007 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1996-2003 by Internet Software Consortium
  *
@@ -556,7 +556,7 @@ isc_result_t omapi_object_handle (omapi_handle_t *, omapi_object_t *);
 isc_result_t omapi_handle_lookup (omapi_object_t **, omapi_handle_t);
 isc_result_t omapi_handle_td_lookup (omapi_object_t **, omapi_typed_data_t *);
 
-void * dmalloc (unsigned, const char *, int);
+void * dmalloc (size_t, const char *, int);
 void dfree (void *, const char *, int);
 #if defined (DEBUG_MEMORY_LEAKAGE) || defined (DEBUG_MALLOC_POOL) || \
 		defined (DEBUG_MEMORY_LEAKAGE_ON_EXIT)
diff --git a/omapip/alloc.c b/omapip/alloc.c
index a70fe21d4..905434466 100644
--- a/omapip/alloc.c
+++ b/omapip/alloc.c
@@ -4,7 +4,7 @@
    protocol... */
 
 /*
- * Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2012,2014,2016 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 2009-2010 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
  * Copyright (c) 1999-2003 by Internet Software Consortium
@@ -53,9 +53,9 @@ static void print_rc_hist_entry (int);
 #endif
 
 void *
-dmalloc(unsigned size, const char *file, int line) {
+dmalloc(size_t size, const char *file, int line) {
 	unsigned char *foo;
-	unsigned len;
+	size_t len;
 	void **bar;
 #if defined (DEBUG_MEMORY_LEAKAGE) || defined (DEBUG_MALLOC_POOL) || \
 		defined (DEBUG_MEMORY_LEAKAGE_ON_EXIT)