Checked array allocation arithmetic with isc_mem_get and friends

Add new isc_mem_cget(), isc_mem_creget(), and isc_mem_cput() macros to
complement the isc_mem_callocate() (which works like calloc()).

The overflow checks are implemented as macros in the <isc/mem.h>, so
that the compiler can see that the element size is constant: it should
always be `sizeof(something)`.

diff --git a/lib/isc/include/isc/mem.h b/lib/isc/include/isc/mem.h
index 8ba4169547f02ecdf372ff00a597a5676a979ac2..9dde53c6d5fa021a3cbabe17af5b286c2c814475 100644 (file)
--- a/lib/isc/include/isc/mem.h
+++ b/lib/isc/include/isc/mem.h
@@ -21,6 +21,7 @@
 #include <isc/attributes.h>
 #include <isc/lang.h>
 #include <isc/mutex.h>
+#include <isc/overflow.h>
 #include <isc/types.h>
 
 ISC_LANG_BEGINDECLS
@@ -154,17 +155,25 @@ extern unsigned int isc_mem_defaultflags;
 #endif
 #define ISC_MEM_ZERO ((int)0x40)
 
-#define isc_mem_get(c, s)     isc__mem_get((c), (s), 0 _ISC_MEM_FILELINE)
+#define isc_mem_get(c, s) isc__mem_get((c), (s), 0 _ISC_MEM_FILELINE)
+#define isc_mem_cget(c, n, s)                        \
+       isc__mem_get((c), ISC_CHECKED_MUL((n), (s)), \
+                    ISC_MEM_ZERO _ISC_MEM_FILELINE)
 #define isc_mem_getx(c, s, f) isc__mem_get((c), (s), (f)_ISC_MEM_FILELINE)
 #define isc_mem_reget(c, p, o, n) \
        isc__mem_reget((c), (p), (o), (n), 0 _ISC_MEM_FILELINE)
+#define isc_mem_creget(c, p, o, n, s)                       \
+       isc__mem_reget((c), (p), ISC_CHECKED_MUL((o), (s)), \
+                      ISC_CHECKED_MUL((n), (s)),           \
+                      ISC_MEM_ZERO _ISC_MEM_FILELINE)
 #define isc_mem_regetx(c, p, o, n, f) \
        isc__mem_reget((c), (p), (o), (n), (f)_ISC_MEM_FILELINE)
 #define isc_mem_allocate(c, s) isc__mem_allocate((c), (s), 0 _ISC_MEM_FILELINE)
 #define isc_mem_allocatex(c, s, f) \
        isc__mem_allocate((c), (s), (f)_ISC_MEM_FILELINE)
-#define isc_mem_callocate(c, n, s) \
-       isc__mem_callocate((c), (n), (s), 0 _ISC_MEM_FILELINE)
+#define isc_mem_callocate(c, n, s)                        \
+       isc__mem_allocate((c), ISC_CHECKED_MUL((n), (s)), \
+                         ISC_MEM_ZERO _ISC_MEM_FILELINE)
 #define isc_mem_reallocate(c, p, s) \
        isc__mem_reallocate((c), (p), (s), 0 _ISC_MEM_FILELINE)
 #define isc_mem_reallocatex(c, p, s, f) \
@@ -179,6 +188,12 @@ extern unsigned int isc_mem_defaultflags;
                isc__mem_put((c), (p), (s), 0 _ISC_MEM_FILELINE); \
                (p) = NULL;                                       \
        } while (0)
+#define isc_mem_cput(c, p, n, s)                                  \
+       do {                                                      \
+               isc__mem_put((c), (p), ISC_CHECKED_MUL((n), (s)), \
+                            ISC_MEM_ZERO _ISC_MEM_FILELINE);     \
+               (p) = NULL;                                       \
+       } while (0)
 #define isc_mem_putx(c, p, s, f)                                   \
        do {                                                       \
                isc__mem_put((c), (p), (s), (f)_ISC_MEM_FILELINE); \
@@ -517,10 +532,6 @@ ISC_ATTR_MALLOC_DEALLOCATOR_IDX(isc__mem_free, 2)
 void *
 isc__mem_allocate(isc_mem_t *, size_t, int _ISC_MEM_FLARG);
 
-ISC_ATTR_MALLOC_DEALLOCATOR_IDX(isc__mem_free, 2)
-void *
-isc__mem_callocate(isc_mem_t *, size_t, size_t, int _ISC_MEM_FLARG);
-
 ISC_ATTR_DEALLOCATOR_IDX(isc__mem_free, 2)
 void *
 isc__mem_reallocate(isc_mem_t *, void *, size_t, int _ISC_MEM_FLARG);

diff --git a/lib/isc/mem.c b/lib/isc/mem.c
index b03e1122d0ba4c5d96b1de9d69562a4b344ee7bd..4199428f2e52fcb0cb20f075da1a72aa7a7b7302 100644 (file)
--- a/lib/isc/mem.c
+++ b/lib/isc/mem.c
@@ -819,13 +819,6 @@ isc__mem_allocate(isc_mem_t *ctx, size_t size, int flags FLARG) {
        return (ptr);
 }
 
-void *
-isc__mem_callocate(isc_mem_t *ctx, size_t count, size_t size, int flags FLARG) {
-       size_t bytes = ISC_CHECKED_MUL(count, size);
-       return (isc__mem_allocate(ctx, bytes,
-                                 (flags | ISC_MEM_ZERO) FLARG_PASS));
-}
-
 void *
 isc__mem_reget(isc_mem_t *ctx, void *old_ptr, size_t old_size, size_t new_size,
               int flags FLARG) {