allow the memory limits to be respected strictly

this relaxes the memory limit check, so one byte extra may be allowed, after the check vs the limit the user sets.
verdammelt · Oct 31, 2019 · 375d20f · 375d20f
1 parent 7109b9e
commit 375d20f
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 11 deletions.
diff --git a/src/alloc.c b/src/alloc.c
@@ -106,29 +106,31 @@ checked_xmalloc (size_t num, size_t size)
 
 /* xmallocs memory and clears it out */
 void*
-xcalloc (size_t num, size_t size)
+xcalloc (size_t num, size_t size, size_t extra)
 {
     size_t res;
     if (check_mul_overflow(num, size, &res))
         abort();
 
     void *ptr;
-    ptr = malloc(res);
+    if (res + extra < res)
+        abort();
+    ptr = malloc(res + extra);
     if (ptr)
     {
-        memset (ptr, '\0', (res));
+        memset (ptr, '\0', (res + extra));
     }
     return ptr;
 }
 
 /* xcallocs memory but only up to a limit */
 void*
-checked_xcalloc (size_t num, size_t size)
+checked_xcalloc (size_t num, size_t size, size_t extra)
 {
     size_t res;
     if (check_mul_overflow(num, size, &res))
         abort();
 
     alloc_limit_assert ("checked_xcalloc", (res));
-    return xcalloc (num, size);
+    return xcalloc (num, size, extra);
 }
diff --git a/src/alloc.h b/src/alloc.h
@@ -37,17 +37,19 @@ extern size_t get_alloc_limit();
 extern void alloc_limit_assert (char *fn_name, size_t size);
 extern void* checked_xmalloc (size_t num, size_t size);
 extern void* xmalloc (size_t num, size_t size);
-extern void* checked_xcalloc (size_t num, size_t size);
-extern void* xcalloc (size_t num, size_t size);
+extern void* checked_xcalloc (size_t num, size_t size, size_t extra);
+extern void* xcalloc (size_t num, size_t size, size_t extra);
 
 #define XMALLOC(_type,_num)			                \
         ((_type*)xmalloc((_num), sizeof(_type)))
 #define XCALLOC(_type,_num) 				        \
-        ((_type*)xcalloc((_num), sizeof (_type)))
+  ((_type*)xcalloc((_num), sizeof (_type), 0))
 #define CHECKED_XMALLOC(_type,_num) 			        \
         ((_type*)checked_xmalloc((_num),sizeof(_type)))
-#define CHECKED_XCALLOC(_type,_num) 			        \
-        ((_type*)checked_xcalloc((_num),sizeof(_type)))
+#define CHECKED_XCALLOC(_type,_num)			\
+  ((_type*)checked_xcalloc((_num),sizeof(_type),0))
+#define CHECKED_XCALLOC_ADDNULL(_type,_num)		\
+  ((_type*)checked_xcalloc((_num),sizeof(_type),1))
 #define XFREE(_ptr)						\
         do { if (_ptr) { free (_ptr); _ptr = 0; } } while (0)
 

diff --git a/src/attr.c b/src/attr.c
@@ -257,7 +257,7 @@ attr_read (FILE* in)
     attr->name = ((type_and_name << 16) >> 16);
     attr->len = geti32(in);
     /* Allocate an extra byte for the null terminator. */
-    attr->buf = CHECKED_XCALLOC (unsigned char, attr->len + 1);
+    attr->buf = CHECKED_XCALLOC_ADDNULL(unsigned char, attr->len);
 
     (void)getbuf(in, attr->buf, attr->len);
     /* Always null terminate, in case the input lacks it,