Use mallocarray(9) in dirhash.

Basic use of mallocarray to prevent overflows. Here allocation is done with M_NOWAIT so the code is prepared for the possibility of returning NULL values. Since mallocarray expects unsigned parameters, unsign some related variables to minimize sign conversions. Reviewed by: mckusick
2018-01-10 19:45:38 +00:00 · 2018-01-10 19:45:38 +00:00 · d269f13cdd
commit d269f13cdd
parent b5f33a8488
1 changed files with 4 additions and 3 deletions
--- a/sys/ufs/ufs/ufs_dirhash.c
+++ b/sys/ufs/ufs/ufs_dirhash.c
@ -349,7 +349,8 @@ ufsdirhash_build(struct inode *ip)
 	struct direct *ep;
 	struct vnode *vp;
 	doff_t bmask, pos;
-	int dirblocks, i, j, memreqd, nblocks, narrays, nslots, slot;
+	int j, memreqd, slot;
+	u_int dirblocks, i, nblocks, narrays, nslots;

 	/* Take care of a decreased sysctl value. */
 	while (ufs_dirhashmem > ufs_dirhashmaxmem) {
@ -415,11 +416,11 @@ ufsdirhash_build(struct inode *ip)
 	 * Use non-blocking mallocs so that we will revert to a linear
 	 * lookup on failure rather than potentially blocking forever.
 	 */
-	dh->dh_hash = malloc(narrays * sizeof(dh->dh_hash[0]),
+	dh->dh_hash = mallocarray(narrays, sizeof(dh->dh_hash[0]),
 	    M_DIRHASH, M_NOWAIT | M_ZERO);
 	if (dh->dh_hash == NULL)
 		goto fail;
-	dh->dh_blkfree = malloc(nblocks * sizeof(dh->dh_blkfree[0]),
+	dh->dh_blkfree = mallocarray(nblocks, sizeof(dh->dh_blkfree[0]),
 	    M_DIRHASH, M_NOWAIT);
 	if (dh->dh_blkfree == NULL)
 		goto fail;