[v4] argp-help: Get rid of alloca.
Checks
| Context |
Check |
Description |
| redhat-pt-bot/TryBot-apply_patch |
success
|
Patch applied to master at the time it was sent
|
| redhat-pt-bot/TryBot-32bit |
success
|
Build for i686
|
| linaro-tcwg-bot/tcwg_glibc_check--master-arm |
success
|
Testing passed
|
| linaro-tcwg-bot/tcwg_glibc_build--master-aarch64 |
success
|
Testing passed
|
| linaro-tcwg-bot/tcwg_glibc_check--master-aarch64 |
success
|
Testing passed
|
| linaro-tcwg-bot/tcwg_glibc_build--master-arm |
success
|
Testing passed
|
Commit Message
Replace alloca with malloc to avoid potential stack overflow.
Checked on x86_64-linux-gnu
---
Changes to v3:
* convert scratch_buffer to malloc.
Changes to v2:
* Convert first scratch_buffer to malloc.
* Remove alloca boilerplate.
argp/argp-help.c | 34 ++++++++++++++++------------------
1 file changed, 16 insertions(+), 18 deletions(-)
Comments
On Sep 13 2023, Joe Simmons-Talbott wrote:
> + short_no_arg_opts = malloc (strlen (hol->short_options) + 1);
> + assert (short_no_arg_opts != NULL);
A library should never use assert for resource exhaustion checks.
On 14/09/23 03:57, Andreas Schwab wrote:
> On Sep 13 2023, Joe Simmons-Talbott wrote:
>
>> + short_no_arg_opts = malloc (strlen (hol->short_options) + 1);
>> + assert (short_no_arg_opts != NULL);
>
> A library should never use assert for resource exhaustion checks.
>
There pre-existent issues regarding this on the argp code, that's why
I suggested to follow the current practice. But I agree that is just
bad code, so maybe we should fix it before changing the alloca to use
malloc (either directly or through scratch_buffers).
@@ -25,21 +25,6 @@
#include <config.h>
#endif
-/* AIX requires this to be the first thing in the file. */
-#ifndef __GNUC__
-# if HAVE_ALLOCA_H || defined _LIBC
-# include <alloca.h>
-# else
-# ifdef _AIX
-#pragma alloca
-# else
-# ifndef alloca /* predefined by HP cc +Olibcalls */
-char *alloca ();
-# endif
-# endif
-# endif
-#endif
-
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
@@ -1450,8 +1435,14 @@ hol_usage (struct hol *hol, argp_fmtstream_t stream)
{
unsigned nentries;
struct hol_entry *entry;
- char *short_no_arg_opts = alloca (strlen (hol->short_options) + 1);
- char *snao_end = short_no_arg_opts;
+ char *short_no_arg_opts;
+ char *snao_end;
+
+ short_no_arg_opts = malloc (strlen (hol->short_options) + 1);
+ assert (short_no_arg_opts != NULL);
+
+ snao_end = short_no_arg_opts;
+
/* First we put a list of short options without arguments. */
for (entry = hol->entries, nentries = hol->num_entries
@@ -1478,6 +1469,8 @@ hol_usage (struct hol *hol, argp_fmtstream_t stream)
; entry++, nentries--)
hol_entry_long_iterate (entry, usage_long_opt,
entry->argp->argp_domain, stream);
+
+ free (short_no_arg_opts);
}
}
�
@@ -1698,7 +1691,10 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream,
{
int first_pattern = 1, more_patterns;
size_t num_pattern_levels = argp_args_levels (argp);
- char *pattern_levels = alloca (num_pattern_levels);
+ char *pattern_levels;
+
+ pattern_levels = malloc (num_pattern_levels);
+ assert (pattern_levels != NULL);
memset (pattern_levels, 0, num_pattern_levels);
@@ -1746,6 +1742,8 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream,
first_pattern = 0;
}
while (more_patterns);
+
+ free (pattern_levels);
}
if (flags & ARGP_HELP_PRE_DOC)