diff options
| author | stefanf <stefanf@FreeBSD.org> | 2005-10-28 10:45:19 +0000 |
|---|---|---|
| committer | stefanf <stefanf@FreeBSD.org> | 2005-10-28 10:45:19 +0000 |
| commit | 54091cfc827e8a2a18fc61f70f5c2fae197d6997 (patch) | |
| tree | 90a53b77b5ce252eb80e70be38ddf646e528c634 /bin | |
| parent | 175c41b86af872bde2bead127e56ad848b0e3eb7 (diff) | |
| download | FreeBSD-src-54091cfc827e8a2a18fc61f70f5c2fae197d6997.zip FreeBSD-src-54091cfc827e8a2a18fc61f70f5c2fae197d6997.tar.gz | |
Protect malloc, realloc and free calls with INT{ON,OFF} directly in chkalloc,
ckrealloc and ckfree (added), respectively. sh jumps out of the signal handler
using longjmp which is obviously a bad idea during malloc calls.
Note: I think there is still a small race here because volatile sig_atomic_t
only guarantees atomic reads and writes while we're doing increments and
decrements.
Protect a setmode call with INT{ON,OFF} as it calls malloc internally.
PR: 45478
Patch from: Nate Eldredge
Diffstat (limited to 'bin')
| -rw-r--r-- | bin/sh/memalloc.c | 18 | ||||
| -rw-r--r-- | bin/sh/memalloc.h | 3 | ||||
| -rw-r--r-- | bin/sh/miscbltin.c | 2 |
3 files changed, 19 insertions, 4 deletions
diff --git a/bin/sh/memalloc.c b/bin/sh/memalloc.c index 60f9203..115eea0 100644 --- a/bin/sh/memalloc.c +++ b/bin/sh/memalloc.c @@ -57,7 +57,10 @@ ckmalloc(int nbytes) { pointer p; - if ((p = malloc(nbytes)) == NULL) + INTOFF; + p = malloc(nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } @@ -70,11 +73,22 @@ ckmalloc(int nbytes) pointer ckrealloc(pointer p, int nbytes) { - if ((p = realloc(p, nbytes)) == NULL) + INTOFF; + p = realloc(p, nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } +void +ckfree(pointer p) +{ + INTOFF; + free(p); + INTON; +} + /* * Make a copy of a string in safe storage. diff --git a/bin/sh/memalloc.h b/bin/sh/memalloc.h index 254d27b..3475442 100644 --- a/bin/sh/memalloc.h +++ b/bin/sh/memalloc.h @@ -48,6 +48,7 @@ extern int herefd; pointer ckmalloc(int); pointer ckrealloc(pointer, int); +void ckfree(pointer); char *savestr(char *); pointer stalloc(int); void stunalloc(pointer); @@ -72,5 +73,3 @@ void ungrabstackstr(char *, char *); #define STTOPC(p) p[-1] #define STADJUST(amount, p) (p += (amount), sstrnleft -= (amount)) #define grabstackstr(p) stalloc(stackblocksize() - sstrnleft) - -#define ckfree(p) free((pointer)(p)) diff --git a/bin/sh/miscbltin.c b/bin/sh/miscbltin.c index d36f9e3..7c8981b 100644 --- a/bin/sh/miscbltin.c +++ b/bin/sh/miscbltin.c @@ -274,12 +274,14 @@ umaskcmd(int argc __unused, char **argv) umask(mask); } else { void *set; + INTOFF; if ((set = setmode (ap)) == 0) error("Illegal number: %s", ap); mask = getmode (set, ~mask & 0777); umask(~mask & 0777); free(set); + INTON; } } return 0; |
