diff --git a/configure.ac b/configure.ac index a8f8c40a559ea0632ecfcaac5748387e0777cfaf..7735f513ab87ae8ffabcfe83fe917c544095cdb4 100644 --- a/configure.ac +++ b/configure.ac @@ -53,6 +53,9 @@ AC_CHECK_LIB(z, gzclose, [], # Obtain compiler/linker options for dependencies PKG_CHECK_MODULES(FONTENC, xproto) +# Checks for library functions. +AC_REPLACE_FUNCS([reallocarray]) + # Allow checking code with lint, sparse, etc. XORG_WITH_LINT LINT_FLAGS="${LINT_FLAGS} ${FONTENC_CFLAGS}" diff --git a/src/Makefile.am b/src/Makefile.am index e37043b9d07bfc5c7a999ead4e54ea3a2c9d9e79..b2df9a6b05de46c742d2b15e5757e29be0eacb0c 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -3,7 +3,8 @@ lib_LTLIBRARIES = libfontenc.la libfontenc_la_SOURCES = \ encparse.c \ fontenc.c \ - fontencI.h + fontencI.h \ + reallocarray.h AM_CFLAGS = \ $(FONTENC_CFLAGS) \ @@ -15,7 +16,7 @@ FONTENCDEFS = -DFONT_ENCODINGS_DIRECTORY=\"$(FONTENCDIR)/encodings.dir\" AM_CPPFLAGS = -I$(top_srcdir)/include $(FONTENCDEFS) -libfontenc_la_LIBADD = @FONTENC_LIBS@ +libfontenc_la_LIBADD = $(LTLIBOBJS) @FONTENC_LIBS@ libfontenc_la_LDFLAGS = -version-number 1:0:0 -no-undefined diff --git a/src/encparse.c b/src/encparse.c index 548110edeb4e1d7d6e30844cd39d84627b4bf04f..b50b193ee8466ea7b225e88083092bb6955c8a36 100644 --- a/src/encparse.c +++ b/src/encparse.c @@ -45,6 +45,7 @@ typedef gzFile FontFilePtr; #include #include "fontencI.h" +#include "reallocarray.h" #define MAXALIASES 20 @@ -453,7 +454,7 @@ setCode(unsigned from, unsigned to, unsigned row_size, return 0; if (*encsize == 0) { *encsize = (index < 256) ? 256 : 0x10000; - *enc = malloc((*encsize) * sizeof(unsigned short)); + *enc = Xmallocarray(*encsize, sizeof(unsigned short)); if (*enc == NULL) { *encsize = 0; return 1; @@ -461,8 +462,8 @@ setCode(unsigned from, unsigned to, unsigned row_size, } else if (*encsize <= index) { *encsize = 0x10000; - if ((newenc = - realloc(*enc, (*encsize) * sizeof(unsigned short))) == NULL) + newenc = Xreallocarray(*enc, *encsize, sizeof(unsigned short)); + if (newenc == NULL) return 1; *enc = newenc; } @@ -634,7 +635,7 @@ parseEncodingFile(FontFilePtr f, int headerOnly) sm->first = first; sm->len = last - first + 1; - newmap = malloc(sm->len * sizeof(unsigned short)); + newmap = Xmallocarray(sm->len, sizeof(unsigned short)); if (newmap == NULL) { free(sm); mapping->client_data = sm = NULL; @@ -719,7 +720,7 @@ parseEncodingFile(FontFilePtr f, int headerOnly) } sn->first = first; sn->len = last - first + 1; - sn->map = malloc(sn->len * sizeof(char *)); + sn->map = Xmallocarray(sn->len, sizeof(char *)); if (sn->map == NULL) { free(sn); mapping->client_data = sn = NULL; @@ -737,7 +738,7 @@ parseEncodingFile(FontFilePtr f, int headerOnly) goto string_mapping; if (namsize == 0) { namsize = (value1) < 256 ? 256 : 0x10000; - nam = malloc(namsize * sizeof(char *)); + nam = Xmallocarray(namsize, sizeof(char *)); if (nam == NULL) { namsize = 0; goto error; @@ -786,7 +787,7 @@ parseEncodingFile(FontFilePtr f, int headerOnly) encoding->aliases = NULL; if (numaliases) { - encoding->aliases = malloc((numaliases + 1) * sizeof(char *)); + encoding->aliases = Xmallocarray(numaliases + 1, sizeof(char *)); if (encoding->aliases == NULL) goto error; for (i = 0; i < numaliases; i++) @@ -986,7 +987,7 @@ FontEncIdentify(const char *fileName) for (alias = encoding->aliases; *alias; alias++) numaliases++; - names = malloc((numaliases + 2) * sizeof(char *)); + names = Xmallocarray(numaliases + 2, sizeof(char *)); if (names == NULL) { free(encoding->aliases); free(encoding); diff --git a/src/fontenc.c b/src/fontenc.c index c4ccd5eb0178e585e0cde838ab40add5e139336e..f5675d8f0a27bf98826169136937fddb278d8aec 100644 --- a/src/fontenc.c +++ b/src/fontenc.c @@ -33,6 +33,7 @@ THE SOFTWARE. #include #include "fontencI.h" +#include "reallocarray.h" /* Functions local to this file */ @@ -808,7 +809,7 @@ FontEncLoad(const char *encoding_name, const char *filename) for (alias = encoding->aliases; *alias; alias++) numaliases++; } - new_aliases = malloc((numaliases + 2) * sizeof(char *)); + new_aliases = Xmallocarray(numaliases + 2, sizeof(char *)); if (new_aliases == NULL) { free(new_name); return NULL; diff --git a/src/reallocarray.c b/src/reallocarray.c new file mode 100644 index 0000000000000000000000000000000000000000..2c301bc86dbd859cfb7c5af61351293e193f219e --- /dev/null +++ b/src/reallocarray.c @@ -0,0 +1,43 @@ +/* $OpenBSD: reallocarray.c,v 1.2 2014/12/08 03:45:00 bcook Exp $ */ +/* + * Copyright (c) 2008 Otto Moerbeek + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include "reallocarray.h" + +/* + * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX + * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW + */ +#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4)) + +void * +xreallocarray(void *optr, size_t nmemb, size_t size) +{ + if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && + nmemb > 0 && SIZE_MAX / nmemb < size) { + errno = ENOMEM; + return NULL; + } + return realloc(optr, size * nmemb); +} diff --git a/src/reallocarray.h b/src/reallocarray.h new file mode 100644 index 0000000000000000000000000000000000000000..ee38ebf8d955586bebb6aaa96a33444c3a25814f --- /dev/null +++ b/src/reallocarray.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice (including the next + * paragraph) shall be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include + +#ifndef HAVE_REALLOCARRAY +extern _X_HIDDEN void *xreallocarray(void *optr, size_t nmemb, size_t size); +# define reallocarray(ptr, n, size) xreallocarray((ptr), (size_t)(n), (size_t)(size)) +#endif + +#if defined(MALLOC_0_RETURNS_NULL) || defined(__clang_analyzer__) +# define Xreallocarray(ptr, n, size) \ + reallocarray((ptr), ((n) == 0 ? 1 : (n)), size) +#else +# define Xreallocarray(ptr, n, size) reallocarray((ptr), (n), (size)) +#endif + +#define Xmallocarray(n, size) Xreallocarray(NULL, (n), (size))