From 64f78ef63be0e51e894ffd096de35c8a8f2ab034 Mon Sep 17 00:00:00 2001 From: Eric Andersen Date: Tue, 6 Aug 2002 03:28:45 +0000 Subject: Unify calloc (its the same thing regardless of the underlying malloc implementation). Fix problem reported to bugtraq about problems with integer overflow that can occur during the computation of the memory region size by calloc (and similar functions) which could result in a subsequent buffer overflow. -Erik --- libc/stdlib/malloc-930716/Makefile | 9 +------ libc/stdlib/malloc-930716/calloc.c | 49 +++++++++++++++++++++++++------------- libc/stdlib/malloc/Makefile | 4 ++-- libc/stdlib/malloc/calloc.c | 32 ------------------------- 4 files changed, 35 insertions(+), 59 deletions(-) delete mode 100644 libc/stdlib/malloc/calloc.c diff --git a/libc/stdlib/malloc-930716/Makefile b/libc/stdlib/malloc-930716/Makefile index b9dfea9f2..07dc94898 100644 --- a/libc/stdlib/malloc-930716/Makefile +++ b/libc/stdlib/malloc-930716/Makefile @@ -26,10 +26,7 @@ include $(TOPDIR)Rules.mak CSRC=calloc.c malloc.c COBJS=$(patsubst %.c,%.o, $(CSRC)) - -MSRC=../malloc/alloc.c -MOBJ=#malloc_dbg.o free_dbg.o calloc_dbg.o -OBJS=$(COBJS) $(MOBJ) +OBJS=$(COBJS) all: $(OBJS) $(LIBC) @@ -38,10 +35,6 @@ $(LIBC): ar-target ar-target: $(OBJS) $(AR) $(ARFLAGS) $(LIBC) $(OBJS) -$(MOBJ): $(MSRC) - $(CC) $(CFLAGS) -DL_$* $< -c -o $*.o - $(STRIPTOOL) -x -R .note -R .comment $*.o - $(COBJS): %.o : %.c $(CC) $(CFLAGS) -c $< -o $@ $(STRIPTOOL) -x -R .note -R .comment $*.o diff --git a/libc/stdlib/malloc-930716/calloc.c b/libc/stdlib/malloc-930716/calloc.c index 55d22ac11..e97db496d 100644 --- a/libc/stdlib/malloc-930716/calloc.c +++ b/libc/stdlib/malloc-930716/calloc.c @@ -1,24 +1,39 @@ -/* calloc.c - C standard library routine. - Copyright (c) 1989, 1993 Michael J. Haertel - You may redistribute this library under the terms of the - GNU Library General Public License (version 2 or any later - version) as published by the Free Software Foundation. - THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED - WARRANTY. IN PARTICULAR, THE AUTHOR MAKES NO REPRESENTATION OR - WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY OF THIS - SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE. */ +/* vi: set sw=4 ts=4: */ +/* calloc for uClibc + * + * Copyright (C) 2002 by Erik Andersen + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Library General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License + * for more details. + * + * You should have received a copy of the GNU Library General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ #include #include +#include -/* Allocate space for the given number of elements of the given - size, initializing the whole region to binary zeroes. */ -void * calloc(size_t nelem, size_t size) +void * calloc(size_t nmemb, size_t lsize) { - void *result; + void *result; + size_t size=lsize * nmemb; - result = malloc(size * nelem); - if (result) - memset(result, 0, nelem * size); - return result; + /* guard vs integer overflow */ + if (lsize != (size / nmemb)) { + __set_errno(ENOMEM); + return NULL; + } + if ((result=malloc(size))) { + memset(result, 0, size); + } + return result; } diff --git a/libc/stdlib/malloc/Makefile b/libc/stdlib/malloc/Makefile index 6d1e89186..30e5b9e2a 100644 --- a/libc/stdlib/malloc/Makefile +++ b/libc/stdlib/malloc/Makefile @@ -24,8 +24,8 @@ TOPDIR=../../../ include $(TOPDIR)Rules.mak -CSRC = malloc.o free.o realloc.o calloc.o heap_alloc.o \ - heap_alloc_at.o heap_free.o +CSRC = malloc.o free.o realloc.o heap_alloc.o \ + heap_alloc_at.o heap_free.o ../malloc-930716/calloc.o COBJS=$(patsubst %.c,%.o, $(CSRC)) OBJS=$(COBJS) diff --git a/libc/stdlib/malloc/calloc.c b/libc/stdlib/malloc/calloc.c deleted file mode 100644 index 1cbab4ac5..000000000 --- a/libc/stdlib/malloc/calloc.c +++ /dev/null @@ -1,32 +0,0 @@ -/* - * libc/stdlib/malloc/calloc.c -- calloc function - * - * Copyright (C) 2002 NEC Corporation - * Copyright (C) 2002 Miles Bader - * - * This file is subject to the terms and conditions of the GNU Lesser - * General Public License. See the file COPYING.LIB in the main - * directory of this archive for more details. - * - * Written by Miles Bader - */ - -#include -#include - -#include "malloc.h" - - -void * -calloc (size_t size, size_t num) -{ - void *mem; - - size *= num; - - mem = malloc (size); - if (mem) - memset (mem, 0, size); - - return mem; -} -- cgit v1.2.3