[v2] setrlimit/getrlimit: Use __nonnull to avoid null pointer
Commit Message
Add __nonnull((2)) to the setrlimit()/getrlimit() function declaration
to avoid null pointer access.
-----
v2
According to the suggestions of the Adhemerval Zanella and Zack Weinberg:
use __nonnull() to check null pointers in the compilation phase.
do not add pointer check code to setrlimit()/getrlimit().
The validity of the "resource" parameter is checked in the syscall.
v1
https://public-inbox.org/libc-alpha/20201230114131.47589-1-nixiaoming@huawei.com/
-----
---
include/sys/resource.h | 4 ++--
resource/sys/resource.h | 14 ++++++++------
2 files changed, 10 insertions(+), 8 deletions(-)
Comments
ping
On 2021/1/4 12:07, Xiaoming Ni wrote:
> Add __nonnull((2)) to the setrlimit()/getrlimit() function declaration
> to avoid null pointer access.
>
> -----
> v2
> According to the suggestions of the Adhemerval Zanella and Zack Weinberg:
> use __nonnull() to check null pointers in the compilation phase.
> do not add pointer check code to setrlimit()/getrlimit().
> The validity of the "resource" parameter is checked in the syscall.
> v1
> https://public-inbox.org/libc-alpha/20201230114131.47589-1-nixiaoming@huawei.com/
> -----
> ---
> include/sys/resource.h | 4 ++--
> resource/sys/resource.h | 14 ++++++++------
> 2 files changed, 10 insertions(+), 8 deletions(-)
>
> diff --git a/include/sys/resource.h b/include/sys/resource.h
> index 2235b020fc..21d3908714 100644
> --- a/include/sys/resource.h
> +++ b/include/sys/resource.h
> @@ -126,13 +126,13 @@ libc_hidden_proto (__getrlimit64);
>
> /* Now define the internal interfaces. */
> extern int __getrlimit (enum __rlimit_resource __resource,
> - struct rlimit *__rlimits);
> + struct rlimit *__rlimits) __nonnull ((2));
> libc_hidden_proto (__getrlimit)
> extern int __getrusage (enum __rusage_who __who, struct rusage *__usage)
> attribute_hidden;
>
> extern int __setrlimit (enum __rlimit_resource __resource,
> - const struct rlimit *__rlimits);
> + const struct rlimit *__rlimits) __nonnull ((2));
> libc_hidden_proto (__setrlimit);
>
> #if __TIMESIZE == 64
> diff --git a/resource/sys/resource.h b/resource/sys/resource.h
> index 4edafb50d5..41aa42daa4 100644
> --- a/resource/sys/resource.h
> +++ b/resource/sys/resource.h
> @@ -48,18 +48,19 @@ typedef int __priority_which_t;
> Returns 0 if successful, -1 if not (and sets errno). */
> #ifndef __USE_FILE_OFFSET64
> extern int getrlimit (__rlimit_resource_t __resource,
> - struct rlimit *__rlimits) __THROW;
> + struct rlimit *__rlimits) __THROW __nonnull ((2));
> #else
> # ifdef __REDIRECT_NTH
> extern int __REDIRECT_NTH (getrlimit, (__rlimit_resource_t __resource,
> - struct rlimit *__rlimits), getrlimit64);
> + struct rlimit *__rlimits), getrlimit64)
> + __nonnull ((2));
> # else
> # define getrlimit getrlimit64
> # endif
> #endif
> #ifdef __USE_LARGEFILE64
> extern int getrlimit64 (__rlimit_resource_t __resource,
> - struct rlimit64 *__rlimits) __THROW;
> + struct rlimit64 *__rlimits) __THROW __nonnull ((2));
> #endif
>
> /* Set the soft and hard limits for RESOURCE to *RLIMITS.
> @@ -67,19 +68,20 @@ extern int getrlimit64 (__rlimit_resource_t __resource,
> Return 0 if successful, -1 if not (and sets errno). */
> #ifndef __USE_FILE_OFFSET64
> extern int setrlimit (__rlimit_resource_t __resource,
> - const struct rlimit *__rlimits) __THROW;
> + const struct rlimit *__rlimits) __THROW __nonnull ((2));
> #else
> # ifdef __REDIRECT_NTH
> extern int __REDIRECT_NTH (setrlimit, (__rlimit_resource_t __resource,
> const struct rlimit *__rlimits),
> - setrlimit64);
> + setrlimit64) __nonnull ((2));
> # else
> # define setrlimit setrlimit64
> # endif
> #endif
> #ifdef __USE_LARGEFILE64
> extern int setrlimit64 (__rlimit_resource_t __resource,
> - const struct rlimit64 *__rlimits) __THROW;
> + const struct rlimit64 *__rlimits) __THROW
> + __nonnull ((2));
> #endif
>
> /* Return resource usage information on process indicated by WHO
>
On 04/01/2021 01:07, Xiaoming Ni wrote:
> Add __nonnull((2)) to the setrlimit()/getrlimit() function declaration
> to avoid null pointer access.
>
> -----
> v2
> According to the suggestions of the Adhemerval Zanella and Zack Weinberg:
> use __nonnull() to check null pointers in the compilation phase.
> do not add pointer check code to setrlimit()/getrlimit().
> The validity of the "resource" parameter is checked in the syscall.
> v1
> https://public-inbox.org/libc-alpha/20201230114131.47589-1-nixiaoming@huawei.com/
LGTM, ok for *2.34*.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> -----
> ---
> include/sys/resource.h | 4 ++--
> resource/sys/resource.h | 14 ++++++++------
> 2 files changed, 10 insertions(+), 8 deletions(-)
>
> diff --git a/include/sys/resource.h b/include/sys/resource.h
> index 2235b020fc..21d3908714 100644
> --- a/include/sys/resource.h
> +++ b/include/sys/resource.h
> @@ -126,13 +126,13 @@ libc_hidden_proto (__getrlimit64);
>
> /* Now define the internal interfaces. */
> extern int __getrlimit (enum __rlimit_resource __resource,
> - struct rlimit *__rlimits);
> + struct rlimit *__rlimits) __nonnull ((2));
> libc_hidden_proto (__getrlimit)
> extern int __getrusage (enum __rusage_who __who, struct rusage *__usage)
> attribute_hidden;
>
> extern int __setrlimit (enum __rlimit_resource __resource,
> - const struct rlimit *__rlimits);
> + const struct rlimit *__rlimits) __nonnull ((2));
> libc_hidden_proto (__setrlimit);
>
> #if __TIMESIZE == 64
Ok.
> diff --git a/resource/sys/resource.h b/resource/sys/resource.h
> index 4edafb50d5..41aa42daa4 100644
> --- a/resource/sys/resource.h
> +++ b/resource/sys/resource.h
> @@ -48,18 +48,19 @@ typedef int __priority_which_t;
> Returns 0 if successful, -1 if not (and sets errno). */
> #ifndef __USE_FILE_OFFSET64
> extern int getrlimit (__rlimit_resource_t __resource,
> - struct rlimit *__rlimits) __THROW;
> + struct rlimit *__rlimits) __THROW __nonnull ((2));
> #else
> # ifdef __REDIRECT_NTH
> extern int __REDIRECT_NTH (getrlimit, (__rlimit_resource_t __resource,
> - struct rlimit *__rlimits), getrlimit64);
> + struct rlimit *__rlimits), getrlimit64)
> + __nonnull ((2));
> # else
> # define getrlimit getrlimit64
> # endif
> #endif
> #ifdef __USE_LARGEFILE64
> extern int getrlimit64 (__rlimit_resource_t __resource,
> - struct rlimit64 *__rlimits) __THROW;
> + struct rlimit64 *__rlimits) __THROW __nonnull ((2));
> #endif
>
> /* Set the soft and hard limits for RESOURCE to *RLIMITS.
Ok.
> @@ -67,19 +68,20 @@ extern int getrlimit64 (__rlimit_resource_t __resource,
> Return 0 if successful, -1 if not (and sets errno). */
> #ifndef __USE_FILE_OFFSET64
> extern int setrlimit (__rlimit_resource_t __resource,
> - const struct rlimit *__rlimits) __THROW;
> + const struct rlimit *__rlimits) __THROW __nonnull ((2));
> #else
> # ifdef __REDIRECT_NTH
> extern int __REDIRECT_NTH (setrlimit, (__rlimit_resource_t __resource,
> const struct rlimit *__rlimits),
> - setrlimit64);
> + setrlimit64) __nonnull ((2));
> # else
> # define setrlimit setrlimit64
> # endif
> #endif
> #ifdef __USE_LARGEFILE64
> extern int setrlimit64 (__rlimit_resource_t __resource,
> - const struct rlimit64 *__rlimits) __THROW;
> + const struct rlimit64 *__rlimits) __THROW
> + __nonnull ((2));
> #endif
>
> /* Return resource usage information on process indicated by WHO
>
Ok.
On 25/01/2021 14:36, Adhemerval Zanella wrote:
>
>
> On 04/01/2021 01:07, Xiaoming Ni wrote:
>> Add __nonnull((2)) to the setrlimit()/getrlimit() function declaration
>> to avoid null pointer access.
>>
>> -----
>> v2
>> According to the suggestions of the Adhemerval Zanella and Zack Weinberg:
>> use __nonnull() to check null pointers in the compilation phase.
>> do not add pointer check code to setrlimit()/getrlimit().
>> The validity of the "resource" parameter is checked in the syscall.
>> v1
>> https://public-inbox.org/libc-alpha/20201230114131.47589-1-nixiaoming@huawei.com/
>
> LGTM, ok for *2.34*.
>
> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
I push it upstream, thanks for the patch.
@@ -126,13 +126,13 @@ libc_hidden_proto (__getrlimit64);
/* Now define the internal interfaces. */
extern int __getrlimit (enum __rlimit_resource __resource,
- struct rlimit *__rlimits);
+ struct rlimit *__rlimits) __nonnull ((2));
libc_hidden_proto (__getrlimit)
extern int __getrusage (enum __rusage_who __who, struct rusage *__usage)
attribute_hidden;
extern int __setrlimit (enum __rlimit_resource __resource,
- const struct rlimit *__rlimits);
+ const struct rlimit *__rlimits) __nonnull ((2));
libc_hidden_proto (__setrlimit);
#if __TIMESIZE == 64
@@ -48,18 +48,19 @@ typedef int __priority_which_t;
Returns 0 if successful, -1 if not (and sets errno). */
#ifndef __USE_FILE_OFFSET64
extern int getrlimit (__rlimit_resource_t __resource,
- struct rlimit *__rlimits) __THROW;
+ struct rlimit *__rlimits) __THROW __nonnull ((2));
#else
# ifdef __REDIRECT_NTH
extern int __REDIRECT_NTH (getrlimit, (__rlimit_resource_t __resource,
- struct rlimit *__rlimits), getrlimit64);
+ struct rlimit *__rlimits), getrlimit64)
+ __nonnull ((2));
# else
# define getrlimit getrlimit64
# endif
#endif
#ifdef __USE_LARGEFILE64
extern int getrlimit64 (__rlimit_resource_t __resource,
- struct rlimit64 *__rlimits) __THROW;
+ struct rlimit64 *__rlimits) __THROW __nonnull ((2));
#endif
/* Set the soft and hard limits for RESOURCE to *RLIMITS.
@@ -67,19 +68,20 @@ extern int getrlimit64 (__rlimit_resource_t __resource,
Return 0 if successful, -1 if not (and sets errno). */
#ifndef __USE_FILE_OFFSET64
extern int setrlimit (__rlimit_resource_t __resource,
- const struct rlimit *__rlimits) __THROW;
+ const struct rlimit *__rlimits) __THROW __nonnull ((2));
#else
# ifdef __REDIRECT_NTH
extern int __REDIRECT_NTH (setrlimit, (__rlimit_resource_t __resource,
const struct rlimit *__rlimits),
- setrlimit64);
+ setrlimit64) __nonnull ((2));
# else
# define setrlimit setrlimit64
# endif
#endif
#ifdef __USE_LARGEFILE64
extern int setrlimit64 (__rlimit_resource_t __resource,
- const struct rlimit64 *__rlimits) __THROW;
+ const struct rlimit64 *__rlimits) __THROW
+ __nonnull ((2));
#endif
/* Return resource usage information on process indicated by WHO