From 54091cfc827e8a2a18fc61f70f5c2fae197d6997 Mon Sep 17 00:00:00 2001 From: stefanf Date: Fri, 28 Oct 2005 10:45:19 +0000 Subject: Protect malloc, realloc and free calls with INT{ON,OFF} directly in chkalloc, ckrealloc and ckfree (added), respectively. sh jumps out of the signal handler using longjmp which is obviously a bad idea during malloc calls. Note: I think there is still a small race here because volatile sig_atomic_t only guarantees atomic reads and writes while we're doing increments and decrements. Protect a setmode call with INT{ON,OFF} as it calls malloc internally. PR: 45478 Patch from: Nate Eldredge --- bin/sh/memalloc.c | 18 ++++++++++++++++-- bin/sh/memalloc.h | 3 +-- bin/sh/miscbltin.c | 2 ++ 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/bin/sh/memalloc.c b/bin/sh/memalloc.c index 60f9203..115eea0 100644 --- a/bin/sh/memalloc.c +++ b/bin/sh/memalloc.c @@ -57,7 +57,10 @@ ckmalloc(int nbytes) { pointer p; - if ((p = malloc(nbytes)) == NULL) + INTOFF; + p = malloc(nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } @@ -70,11 +73,22 @@ ckmalloc(int nbytes) pointer ckrealloc(pointer p, int nbytes) { - if ((p = realloc(p, nbytes)) == NULL) + INTOFF; + p = realloc(p, nbytes); + INTON; + if (p == NULL) error("Out of space"); return p; } +void +ckfree(pointer p) +{ + INTOFF; + free(p); + INTON; +} + /* * Make a copy of a string in safe storage. diff --git a/bin/sh/memalloc.h b/bin/sh/memalloc.h index 254d27b..3475442 100644 --- a/bin/sh/memalloc.h +++ b/bin/sh/memalloc.h @@ -48,6 +48,7 @@ extern int herefd; pointer ckmalloc(int); pointer ckrealloc(pointer, int); +void ckfree(pointer); char *savestr(char *); pointer stalloc(int); void stunalloc(pointer); @@ -72,5 +73,3 @@ void ungrabstackstr(char *, char *); #define STTOPC(p) p[-1] #define STADJUST(amount, p) (p += (amount), sstrnleft -= (amount)) #define grabstackstr(p) stalloc(stackblocksize() - sstrnleft) - -#define ckfree(p) free((pointer)(p)) 
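Review bot: In ckmalloc, INTON runs after malloc has already returned, so a pending interrupt taken at that point would lose the fresh block in `p` before it reaches the caller. This assumes INTON delivers a pending interrupt by jumping to the handler; its definition is not part of this diff, but the commit message says sh leaves its signal handling via longjmp. The same placement in ckrealloc in the next hunk looks worse: realloc may already have moved or released the old block, and a caller that is jumped over still holds the stale pointer. Callers that keep the pointer in long-lived state would need their own INTOFF/INTON around the call, and I would say so above both functions, e.g. `/* A pending interrupt may be taken at INTON; hold INTOFF in the caller if the result must not be lost. */`.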
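Review bot: The new ckfree in memalloc.c has no header comment, although the neighbouring functions in this file carry one (the `/* Make a copy of a string in safe storage. */` block is visible just below). Since it replaces a plain `free` macro from memalloc.h, the reason it is now a function is worth recording where people will look for it. Something like `/* Free memory with interrupts held off, so a signal handler cannot longjmp out while free() is running. */` above the definition would do.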
diff --git a/bin/sh/miscbltin.c b/bin/sh/miscbltin.c index d36f9e3..7c8981b 100644 --- a/bin/sh/miscbltin.c +++ b/bin/sh/miscbltin.c @@ -274,12 +274,14 @@ umaskcmd(int argc __unused, char **argv) umask(mask); } else { void *set; + INTOFF; if ((set = setmode (ap)) == 0) error("Illegal number: %s", ap); mask = getmode (set, ~mask & 0777); umask(~mask & 0777); free(set); + INTON; } } return 0; -- cgit v1.1
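Review bot: The `error("Illegal number: %s", ap)` call now sits between INTOFF and INTON, so the failure path leaves umaskcmd without running the matching INTON. Whether the suppression count is reset afterwards depends on the exception handler that error() unwinds to, which is not visible in this hunk; if it is not reset, interrupts would stay deferred after a malformed umask argument. Re-enabling before reporting keeps the pair balanced on both paths: `if ((set = setmode(ap)) == 0) { INTON; error("Illegal number: %s", ap); }`. The body of umaskcmd starts outside the hunk.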