9f9c9549fd
As I noted in https://reviews.freebsd.org/D22756, INTOFF should be in effect when calling ckmalloc/ckrealloc/ckfree to avoid memory leaks and double frees. Therefore, change the functions to check if INTOFF is in effect instead of applying it. Reviewed by: bdrewery Differential Revision: https://reviews.freebsd.org/D24599
352 lines
7.7 KiB
C
352 lines
7.7 KiB
C
/*-
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*
|
|
* Copyright (c) 1991, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* This code is derived from software contributed to Berkeley by
|
|
* Kenneth Almquist.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#ifndef lint
|
|
#if 0
|
|
static char sccsid[] = "@(#)memalloc.c 8.3 (Berkeley) 5/4/95";
|
|
#endif
|
|
#endif /* not lint */
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include <sys/param.h>
|
|
#include "shell.h"
|
|
#include "output.h"
|
|
#include "memalloc.h"
|
|
#include "error.h"
|
|
#include "mystring.h"
|
|
#include "expand.h"
|
|
#include <stdlib.h>
|
|
#include <unistd.h>
|
|
|
|
static void
|
|
badalloc(const char *message)
|
|
{
|
|
write(2, message, strlen(message));
|
|
abort();
|
|
}
|
|
|
|
/*
|
|
* Like malloc, but returns an error when out of space.
|
|
*/
|
|
|
|
pointer
|
|
ckmalloc(size_t nbytes)
|
|
{
|
|
pointer p;
|
|
|
|
if (!is_int_on())
|
|
badalloc("Unsafe ckmalloc() call\n");
|
|
p = malloc(nbytes);
|
|
if (p == NULL)
|
|
error("Out of space");
|
|
return p;
|
|
}
|
|
|
|
|
|
/*
|
|
* Same for realloc.
|
|
*/
|
|
|
|
pointer
|
|
ckrealloc(pointer p, int nbytes)
|
|
{
|
|
if (!is_int_on())
|
|
badalloc("Unsafe ckrealloc() call\n");
|
|
p = realloc(p, nbytes);
|
|
if (p == NULL)
|
|
error("Out of space");
|
|
return p;
|
|
}
|
|
|
|
void
|
|
ckfree(pointer p)
|
|
{
|
|
if (!is_int_on())
|
|
badalloc("Unsafe ckfree() call\n");
|
|
free(p);
|
|
}
|
|
|
|
|
|
/*
|
|
* Make a copy of a string in safe storage.
|
|
*/
|
|
|
|
char *
|
|
savestr(const char *s)
|
|
{
|
|
char *p;
|
|
size_t len;
|
|
|
|
len = strlen(s);
|
|
p = ckmalloc(len + 1);
|
|
memcpy(p, s, len + 1);
|
|
return p;
|
|
}
|
|
|
|
|
|
/*
|
|
* Parse trees for commands are allocated in lifo order, so we use a stack
|
|
* to make this more efficient, and also to avoid all sorts of exception
|
|
* handling code to handle interrupts in the middle of a parse.
|
|
*
|
|
* The size 496 was chosen because with 16-byte alignment the total size
|
|
* for the allocated block is 512.
|
|
*/
|
|
|
|
#define MINSIZE 496 /* minimum size of a block. */
|
|
|
|
|
|
struct stack_block {
|
|
struct stack_block *prev;
|
|
/* Data follows */
|
|
};
|
|
#define SPACE(sp) ((char*)(sp) + ALIGN(sizeof(struct stack_block)))
|
|
|
|
static struct stack_block *stackp;
|
|
char *stacknxt;
|
|
int stacknleft;
|
|
char *sstrend;
|
|
|
|
|
|
static void
|
|
stnewblock(int nbytes)
|
|
{
|
|
struct stack_block *sp;
|
|
int allocsize;
|
|
|
|
if (nbytes < MINSIZE)
|
|
nbytes = MINSIZE;
|
|
|
|
allocsize = ALIGN(sizeof(struct stack_block)) + ALIGN(nbytes);
|
|
|
|
INTOFF;
|
|
sp = ckmalloc(allocsize);
|
|
sp->prev = stackp;
|
|
stacknxt = SPACE(sp);
|
|
stacknleft = allocsize - (stacknxt - (char*)sp);
|
|
sstrend = stacknxt + stacknleft;
|
|
stackp = sp;
|
|
INTON;
|
|
}
|
|
|
|
|
|
pointer
|
|
stalloc(int nbytes)
|
|
{
|
|
char *p;
|
|
|
|
nbytes = ALIGN(nbytes);
|
|
if (nbytes > stacknleft)
|
|
stnewblock(nbytes);
|
|
p = stacknxt;
|
|
stacknxt += nbytes;
|
|
stacknleft -= nbytes;
|
|
return p;
|
|
}
|
|
|
|
|
|
void
|
|
stunalloc(pointer p)
|
|
{
|
|
if (p == NULL) { /*DEBUG */
|
|
write(STDERR_FILENO, "stunalloc\n", 10);
|
|
abort();
|
|
}
|
|
stacknleft += stacknxt - (char *)p;
|
|
stacknxt = p;
|
|
}
|
|
|
|
|
|
char *
|
|
stsavestr(const char *s)
|
|
{
|
|
char *p;
|
|
size_t len;
|
|
|
|
len = strlen(s);
|
|
p = stalloc(len + 1);
|
|
memcpy(p, s, len + 1);
|
|
return p;
|
|
}
|
|
|
|
|
|
void
|
|
setstackmark(struct stackmark *mark)
|
|
{
|
|
mark->stackp = stackp;
|
|
mark->stacknxt = stacknxt;
|
|
mark->stacknleft = stacknleft;
|
|
/* Ensure this block stays in place. */
|
|
if (stackp != NULL && stacknxt == SPACE(stackp))
|
|
stalloc(1);
|
|
}
|
|
|
|
|
|
void
|
|
popstackmark(struct stackmark *mark)
|
|
{
|
|
struct stack_block *sp;
|
|
|
|
INTOFF;
|
|
while (stackp != mark->stackp) {
|
|
sp = stackp;
|
|
stackp = sp->prev;
|
|
ckfree(sp);
|
|
}
|
|
stacknxt = mark->stacknxt;
|
|
stacknleft = mark->stacknleft;
|
|
sstrend = stacknxt + stacknleft;
|
|
INTON;
|
|
}
|
|
|
|
|
|
/*
|
|
* When the parser reads in a string, it wants to stick the string on the
|
|
* stack and only adjust the stack pointer when it knows how big the
|
|
* string is. Stackblock (defined in stack.h) returns a pointer to a block
|
|
* of space on top of the stack and stackblocklen returns the length of
|
|
* this block. Growstackblock will grow this space by at least one byte,
|
|
* possibly moving it (like realloc). Grabstackblock actually allocates the
|
|
* part of the block that has been used.
|
|
*/
|
|
|
|
static void
|
|
growstackblock(int min)
|
|
{
|
|
char *p;
|
|
int newlen;
|
|
char *oldspace;
|
|
int oldlen;
|
|
struct stack_block *sp;
|
|
struct stack_block *oldstackp;
|
|
|
|
if (min < stacknleft)
|
|
min = stacknleft;
|
|
if ((unsigned int)min >=
|
|
INT_MAX / 2 - ALIGN(sizeof(struct stack_block)))
|
|
error("Out of space");
|
|
min += stacknleft;
|
|
min += ALIGN(sizeof(struct stack_block));
|
|
newlen = 512;
|
|
while (newlen < min)
|
|
newlen <<= 1;
|
|
oldspace = stacknxt;
|
|
oldlen = stacknleft;
|
|
|
|
if (stackp != NULL && stacknxt == SPACE(stackp)) {
|
|
INTOFF;
|
|
oldstackp = stackp;
|
|
stackp = oldstackp->prev;
|
|
sp = ckrealloc((pointer)oldstackp, newlen);
|
|
sp->prev = stackp;
|
|
stackp = sp;
|
|
stacknxt = SPACE(sp);
|
|
stacknleft = newlen - (stacknxt - (char*)sp);
|
|
sstrend = stacknxt + stacknleft;
|
|
INTON;
|
|
} else {
|
|
newlen -= ALIGN(sizeof(struct stack_block));
|
|
p = stalloc(newlen);
|
|
if (oldlen != 0)
|
|
memcpy(p, oldspace, oldlen);
|
|
stunalloc(p);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
* The following routines are somewhat easier to use that the above.
|
|
* The user declares a variable of type STACKSTR, which may be declared
|
|
* to be a register. The macro STARTSTACKSTR initializes things. Then
|
|
* the user uses the macro STPUTC to add characters to the string. In
|
|
* effect, STPUTC(c, p) is the same as *p++ = c except that the stack is
|
|
* grown as necessary. When the user is done, she can just leave the
|
|
* string there and refer to it using stackblock(). Or she can allocate
|
|
* the space for it using grabstackstr(). If it is necessary to allow
|
|
* someone else to use the stack temporarily and then continue to grow
|
|
* the string, the user should use grabstack to allocate the space, and
|
|
* then call ungrabstr(p) to return to the previous mode of operation.
|
|
*
|
|
* USTPUTC is like STPUTC except that it doesn't check for overflow.
|
|
* CHECKSTACKSPACE can be called before USTPUTC to ensure that there
|
|
* is space for at least one character.
|
|
*/
|
|
|
|
static char *
|
|
growstrstackblock(int n, int min)
|
|
{
|
|
growstackblock(min);
|
|
return stackblock() + n;
|
|
}
|
|
|
|
char *
|
|
growstackstr(void)
|
|
{
|
|
int len;
|
|
|
|
len = stackblocksize();
|
|
return (growstrstackblock(len, 0));
|
|
}
|
|
|
|
|
|
/*
|
|
* Called from CHECKSTRSPACE.
|
|
*/
|
|
|
|
char *
|
|
makestrspace(int min, char *p)
|
|
{
|
|
int len;
|
|
|
|
len = p - stackblock();
|
|
return (growstrstackblock(len, min));
|
|
}
|
|
|
|
|
|
char *
|
|
stputbin(const char *data, size_t len, char *p)
|
|
{
|
|
CHECKSTRSPACE(len, p);
|
|
memcpy(p, data, len);
|
|
return (p + len);
|
|
}
|
|
|
|
char *
|
|
stputs(const char *data, char *p)
|
|
{
|
|
return (stputbin(data, strlen(data), p));
|
|
}
|