Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 409 lines (317 sloc) 8.498 kB
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
1 #include "imager.h"
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
2 #include <stdlib.h>
3 #ifndef _MSC_VER
4 #include <unistd.h>
5 #endif
6
7
8 /* FIXME: make allocation dynamic */
9
10
11 #ifdef IMAGER_DEBUG_MALLOC
12
2ff8ed3 Added more logging to quant.c. Removed global variables from gif.c.
Arnar Mar Hrafnkelsson authored
13 #define MAXMAL 102400
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
14 #define MAXDESC 65
15
a743c0a Removed a bunch of unused variables and fixed an attempt to print out a
Arnar Mar Hrafnkelsson authored
16 #define UNDRRNVAL 10
17 #define OVERRNVAL 10
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
18
19 #define PADBYTE 0xaa
20
21
22 static int malloc_need_init = 1;
23
24 typedef struct {
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
25 void* ptr;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
26 size_t size;
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
27 char comm[MAXDESC];
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
28 } malloc_entry;
29
30 malloc_entry malloc_pointers[MAXMAL];
31
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
32
33
34
35 /* Utility functions */
36
37
38 static
39 void
aea697a fix errors and some warnings on Win32
Tony Cook authored
40 malloc_init(void) {
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
41 int i;
42 for(i=0; i<MAXMAL; i++) malloc_pointers[i].ptr = NULL;
43 malloc_need_init = 0;
44 atexit(malloc_state);
45 }
46
47
48 static
49 int
50 find_ptr(void *p) {
51 int i;
52 for(i=0;i<MAXMAL;i++)
53 if (malloc_pointers[i].ptr == p)
54 return i;
55 return -1;
56 }
57
58
59 /* Takes a pointer to real start of array,
60 * sets the entries in the table, returns
61 * the offset corrected pointer */
62
63 static
64 void *
65 set_entry(int i, char *buf, size_t size, char *file, int line) {
66 memset( buf, PADBYTE, UNDRRNVAL );
67 memset( &buf[UNDRRNVAL+size], PADBYTE, OVERRNVAL );
68 buf += UNDRRNVAL;
69 malloc_pointers[i].ptr = buf;
70 malloc_pointers[i].size = size;
71 sprintf(malloc_pointers[i].comm,"%s (%d)", file, line);
72 return buf;
73 }
74
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
75 void
aea697a fix errors and some warnings on Win32
Tony Cook authored
76 malloc_state(void) {
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
77 int i, total = 0;
78
cd4b0b2 have error.c free a non-leak when using the debug malloc
Tony Cook authored
79 i_clear_error();
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
80 mm_log((0,"malloc_state()\n"));
81 bndcheck_all();
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
82 for(i=0; i<MAXMAL; i++) if (malloc_pointers[i].ptr != NULL) {
83 mm_log((0,"%d: %d (0x%x) : %s\n", i, malloc_pointers[i].size, malloc_pointers[i].ptr, malloc_pointers[i].comm));
84 total += malloc_pointers[i].size;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
85 }
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
86 if (total == 0) mm_log((0,"No memory currently used!\n"))
87 else mm_log((0,"total: %d\n",total));
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
88 }
89
90
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
91
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
92 void*
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
93 mymalloc_file_line(size_t size, char* file, int line) {
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
94 char *buf;
95 int i;
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
96 if (malloc_need_init) malloc_init();
97
98 /* bndcheck_all(); Uncomment for LOTS OF THRASHING */
99
100 if ( (i = find_ptr(NULL)) < 0 ) {
101 mm_log((0,"more than %d segments allocated at %s (%d)\n", MAXMAL, file, line));
102 exit(3);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
103 }
104
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
105 if ( (buf = malloc(size+UNDRRNVAL+OVERRNVAL)) == NULL ) {
106 mm_log((1,"Unable to allocate %i for %s (%i)\n", size, file, line));
107 exit(3);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
108 }
109
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
110 buf = set_entry(i, buf, size, file, line);
111 mm_log((1,"mymalloc_file_line: slot <%d> %d bytes allocated at %p for %s (%d)\n", i, size, buf, file, line));
112 return buf;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
113 }
114
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
115 void *
116 (mymalloc)(int size) {
117 return mymalloc_file_line(size, "unknown", 0);
118 }
119
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
120 void*
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
121 myrealloc_file_line(void *ptr, size_t newsize, char* file, int line) {
122 char *buf;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
123 int i;
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
124
125 if (malloc_need_init) malloc_init();
126 /* bndcheck_all(); ACTIVATE FOR LOTS OF THRASHING */
127
128 if (!ptr) {
129 mm_log((1, "realloc called with ptr = NULL, sending request to malloc\n"));
130 return mymalloc_file_line(newsize, file, line);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
131 }
132
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
133 if (!newsize) {
134 mm_log((1, "newsize = 0, sending request to free\n"));
135 myfree_file_line(ptr, file, line);
136 return NULL;
137 }
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
138
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
139 if ( (i = find_ptr(ptr)) == -1) {
140 mm_log((0, "Unable to find %p in realloc for %s (%i)\n", ptr, file, line));
141 exit(3);
142 }
143
aea697a fix errors and some warnings on Win32
Tony Cook authored
144 if ( (buf = realloc(((char *)ptr)-UNDRRNVAL, UNDRRNVAL+OVERRNVAL+newsize)) == NULL ) {
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
145 mm_log((1,"Unable to reallocate %i bytes at %p for %s (%i)\n", newsize, ptr, file, line));
146 exit(3);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
147 }
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
148
149 buf = set_entry(i, buf, newsize, file, line);
150 mm_log((1,"realloc_file_line: slot <%d> %d bytes allocated at %p for %s (%d)\n", i, newsize, buf, file, line));
151 return buf;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
152 }
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
153
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
154 void *
155 (myrealloc)(void *ptr, size_t newsize) {
156 return myrealloc_file_line(ptr, newsize, "unknown", 0);
157 }
158
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
159 static
160 void
161 bndcheck(int idx) {
162 int i;
163 size_t s = malloc_pointers[idx].size;
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
164 unsigned char *pp = malloc_pointers[idx].ptr;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
165 if (!pp) {
166 mm_log((1, "bndcheck: No pointer in slot %d\n", idx));
167 return;
168 }
169
170 for(i=0;i<UNDRRNVAL;i++)
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
171 if (pp[-(1+i)] != PADBYTE)
172 mm_log((1,"bndcheck: UNDERRUN OF %d bytes detected: slot = %d, point = %p, size = %d\n", i+1, idx, pp, s ));
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
173
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
174 for(i=0;i<OVERRNVAL;i++)
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
175 if (pp[s+i] != PADBYTE)
176 mm_log((1,"bndcheck: OVERRUN OF %d bytes detected: slot = %d, point = %p, size = %d\n", i+1, idx, pp, s ));
177 }
178
179 void
180 bndcheck_all() {
181 int idx;
182 mm_log((1, "bndcheck_all()\n"));
76ff75b tga.c should now support reading/writing all variants of targa files.…
Arnar Mar Hrafnkelsson authored
183 for(idx=0; idx<MAXMAL; idx++)
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
184 if (malloc_pointers[idx].ptr)
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
185 bndcheck(idx);
186 }
187
188 void
189 myfree_file_line(void *p, char *file, int line) {
190 char *pp = p;
191 int match = 0;
192 int i;
193
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
194 for(i=0; i<MAXMAL; i++) if (malloc_pointers[i].ptr == p) {
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
195 mm_log((1,"myfree_file_line: pointer %i (%s) freed at %s (%i)\n", i, malloc_pointers[i].comm, file, line));
196 bndcheck(i);
fe6163b Various Changes to the memory accounting code, myrealloc() added.
Arnar Mar Hrafnkelsson authored
197 malloc_pointers[i].ptr = NULL;
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
198 match++;
199 }
97c4eff merge write to gif tags updates
Tony Cook authored
200
201 mm_log((1, "myfree_file_line: freeing address %p (real %p)\n", pp, pp-UNDRRNVAL));
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
202
203 if (match != 1) {
f1ac502 support for generic fills for box and arc, with solid, hatched
Tony Cook authored
204 mm_log((1, "myfree_file_line: INCONSISTENT REFCOUNT %d at %s (%i)\n", match, file, line));
aea697a fix errors and some warnings on Win32
Tony Cook authored
205 fprintf(stderr, "myfree_file_line: INCONSISTENT REFCOUNT %d at %s (%i)\n", match, file, line);
a73aeb5 Fixed most outstanding memory leaks that are revealed in the test cases.
Arnar Mar Hrafnkelsson authored
206 exit(255);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
207 }
208
209
210 free(pp-UNDRRNVAL);
211 }
212
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
213 void
214 (myfree)(void *block) {
215 myfree_file_line(block, "unknown", 0);
216 }
217
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
218 #else
219
220 #define malloc_comm(a,b) (mymalloc(a))
221
222 void
223 malloc_state() {
224 printf("malloc_state: not in debug mode\n");
225 }
226
227 void*
228 mymalloc(int size) {
229 void *buf;
230
a659442 - eliminate unused variables and static functions
Tony Cook authored
231 if (size < 0) {
232 fprintf(stderr, "Attempt to allocate size %d\n", size);
233 exit(3);
234 }
235
a743c0a Removed a bunch of unused variables and fixed an attempt to print out a
Arnar Mar Hrafnkelsson authored
236 if ( (buf = malloc(size)) == NULL ) {
faa9b3e Egads
Tony Cook authored
237 mm_log((1, "mymalloc: unable to malloc %d\n", size));
cc6483e an extra stipple
Tony Cook authored
238 fprintf(stderr,"Unable to malloc %d.\n", size); exit(3);
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
239 }
f1ac502 support for generic fills for box and arc, with solid, hatched
Tony Cook authored
240 mm_log((1, "mymalloc(size %d) -> %p\n", size, buf));
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
241 return buf;
242 }
243
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
244 void *
245 mymalloc_file_line(size_t size, char *file, int line) {
246 return mymalloc(size);
247 }
248
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
249 void
250 myfree(void *p) {
dd55acc Switched all of jpeg to iolayer functions, removed older functions an…
Arnar Mar Hrafnkelsson authored
251 mm_log((1, "myfree(p %p)\n", p));
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
252 free(p);
253 }
254
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
255 void
256 myfree_file_line(void *p, char *file, int line) {
257 myfree(p);
258 }
259
faa9b3e Egads
Tony Cook authored
260 void *
261 myrealloc(void *block, size_t size) {
262 void *result;
263
264 mm_log((1, "myrealloc(block %p, size %u)\n", block, size));
265 if ((result = realloc(block, size)) == NULL) {
266 mm_log((1, "myrealloc: out of memory\n"));
267 fprintf(stderr, "Out of memory.\n");
268 exit(3);
269 }
270 return result;
271 }
272
e310e5f - more memory allocation integer overflow auditing
Tony Cook authored
273 void *
274 myrealloc_file_line(void *block, size_t newsize, char *file, int size) {
275 return myrealloc(block, newsize);
276 }
277
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
278 #endif /* IMAGER_MALLOC_DEBUG */
279
280
281
282
8047cbb Added memory pools to make clean up of temporary buffers simpler.
Arnar Mar Hrafnkelsson authored
283 /* memory pool implementation */
284
285 void
286 i_mempool_init(i_mempool *mp) {
287 mp->alloc = 10;
288 mp->used = 0;
289 mp->p = mymalloc(sizeof(void*)*mp->alloc);
290 }
291
292 void
293 i_mempool_extend(i_mempool *mp) {
294 mp->p = myrealloc(mp->p, mp->alloc * 2);
295 mp->alloc *=2;
296 }
297
298 void *
299 i_mempool_alloc(i_mempool *mp, size_t size) {
300 if (mp->used == mp->alloc) i_mempool_extend(mp);
301 mp->p[mp->used] = mymalloc(size);
302 mp->used++;
303 return mp->p[mp->used-1];
304 }
305
306
307 void
308 i_mempool_destroy(i_mempool *mp) {
309 unsigned int i;
310 for(i=0; i<mp->used; i++) myfree(mp->p[i]);
311 myfree(mp->p);
312 }
313
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
314
315
5473b91 Cleaned up io.h, io.c which had functions not used any more, removed …
Arnar Mar Hrafnkelsson authored
316 /* Should these really be here? */
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
317
318 #undef min
319 #undef max
320
321 int
b33c08f hide or rename any symbols that are likely to conflict with other
Tony Cook authored
322 i_min(int a,int b) {
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
323 if (a<b) return a; else return b;
324 }
325
326 int
b33c08f hide or rename any symbols that are likely to conflict with other
Tony Cook authored
327 i_max(int a,int b) {
02d1d62 Initial revision
Arnar Mar Hrafnkelsson authored
328 if (a>b) return a; else return b;
329 }
330
4f68b48 support UTF with Freetype 1.x
Tony Cook authored
331
332 struct utf8_size {
333 int mask, expect;
334 int size;
335 };
336
337 struct utf8_size utf8_sizes[] =
338 {
339 { 0x80, 0x00, 1 },
340 { 0xE0, 0xC0, 2 },
341 { 0xF0, 0xE0, 3 },
342 { 0xF8, 0xF0, 4 },
343 };
344
345 /*
346 =item utf8_advance(char **p, int *len)
347
348 Retreive a UTF8 character from the stream.
349
350 Modifies *p and *len to indicate the consumed characters.
351
352 This doesn't support the extended UTF8 encoding used by later versions
353 of Perl.
354
355 =cut
356 */
357
358 unsigned long i_utf8_advance(char const **p, int *len) {
359 unsigned char c;
360 int i, ci, clen = 0;
361 unsigned char codes[3];
362 if (*len == 0)
363 return ~0UL;
364 c = *(*p)++; --*len;
365
366 for (i = 0; i < sizeof(utf8_sizes)/sizeof(*utf8_sizes); ++i) {
367 if ((c & utf8_sizes[i].mask) == utf8_sizes[i].expect) {
368 clen = utf8_sizes[i].size;
369 }
370 }
371 if (clen == 0 || *len < clen-1) {
372 --*p; ++*len;
373 return ~0UL;
374 }
375
376 /* check that each character is well formed */
377 i = 1;
378 ci = 0;
379 while (i < clen) {
380 if (((*p)[ci] & 0xC0) != 0x80) {
381 --*p; ++*len;
382 return ~0UL;
383 }
384 codes[ci] = (*p)[ci];
385 ++ci; ++i;
386 }
387 *p += clen-1; *len -= clen-1;
388 if (c & 0x80) {
389 if ((c & 0xE0) == 0xC0) {
390 return ((c & 0x1F) << 6) + (codes[0] & 0x3F);
391 }
392 else if ((c & 0xF0) == 0xE0) {
393 return ((c & 0x0F) << 12) | ((codes[0] & 0x3F) << 6) | (codes[1] & 0x3f);
394 }
395 else if ((c & 0xF8) == 0xF0) {
396 return ((c & 0x07) << 18) | ((codes[0] & 0x3F) << 12)
397 | ((codes[1] & 0x3F) << 6) | (codes[2] & 0x3F);
398 }
399 else {
400 *p -= clen; *len += clen;
401 return ~0UL;
402 }
403 }
404 else {
405 return c;
406 }
407 }
408
Something went wrong with that request. Please try again.