lib{c,openbsd}: use ckd_mul() for overflow checking in re(c)allocarray

Summary:
This makes the code easier to understand and slightly faster,
but requires C23.  calloc() would  benefit, too, but I didn't
want to touch the imported jemalloc code base.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D52854
This commit is contained in:
Robert Clausecker
2025-10-02 15:26:46 +02:00
parent a8d774d970
commit 7233893e94
2 changed files with 8 additions and 21 deletions
+5 -9
View File
@@ -17,23 +17,19 @@
#include <sys/types.h> #include <sys/types.h>
#include <errno.h> #include <errno.h>
#include <stdckdint.h>
#include <stdint.h> #include <stdint.h>
#include <stdlib.h> #include <stdlib.h>
/*
* This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
* if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
*/
#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))
void * void *
reallocarray(void *optr, size_t nmemb, size_t size) reallocarray(void *optr, size_t nmemb, size_t size)
{ {
size_t nbytes;
if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && if (ckd_mul(&nbytes, nmemb, size)) {
nmemb > 0 && SIZE_MAX / nmemb < size) {
errno = ENOMEM; errno = ENOMEM;
return (NULL); return (NULL);
} }
return (realloc(optr, size * nmemb));
return (realloc(optr, nbytes));
} }
+3 -12
View File
@@ -16,17 +16,12 @@
*/ */
#include <errno.h> #include <errno.h>
#include <stdckdint.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdint.h> #include <stdint.h>
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
/*
* This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
* if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
*/
#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))
void *recallocarray(void *, size_t, size_t, size_t); void *recallocarray(void *, size_t, size_t, size_t);
void * void *
@@ -38,19 +33,15 @@ recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size)
if (ptr == NULL) if (ptr == NULL)
return calloc(newnmemb, size); return calloc(newnmemb, size);
if ((newnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && if (ckd_mul(&newsize, newnmemb, size)) {
newnmemb > 0 && SIZE_MAX / newnmemb < size) {
errno = ENOMEM; errno = ENOMEM;
return NULL; return NULL;
} }
newsize = newnmemb * size;
if ((oldnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && if (ckd_mul(&oldsize, oldnmemb, size)) {
oldnmemb > 0 && SIZE_MAX / oldnmemb < size) {
errno = EINVAL; errno = EINVAL;
return NULL; return NULL;
} }
oldsize = oldnmemb * size;
/* /*
* Don't bother too much if we're shrinking just a bit, * Don't bother too much if we're shrinking just a bit,