Date: Mon, 5 May 2014 16:19:54 -0600
From: Warner Losh <imp@bsdimp.com>
To: Pedro Giffuni <pfg@FreeBSD.org>
Cc: svn-src-head@freebsd.org, Andrey Chernov <ache@freebsd.org>, svn-src-all@freebsd.org, src-committers@freebsd.org, David Chisnall <theraven@FreeBSD.org>
Subject: Re: svn commit: r265367 - head/lib/libc/regex
Message-ID: <04AFAEF4-1AF7-4310-9248-8654B1EAA560@gmail.com>
In-Reply-To: <53680C72.10809@FreeBSD.org>
References: <201405051641.s45GfFje086423@svn.freebsd.org> <5367CD77.40909@freebsd.org> <B11B5B25-8E05-4225-93D5-3A607332F19A@FreeBSD.org> <5367EB54.1080109@FreeBSD.org> <3C7CFFB7-5C84-4AC1-9A81-C718D184E87B@FreeBSD.org> <53680C72.10809@FreeBSD.org>

On May 5, 2014, at 4:10 PM, Pedro Giffuni <pfg@FreeBSD.org> wrote:

> On 5/5/2014 4:21 PM, David Chisnall wrote:
>> On 5 May 2014, at 20:49, Pedro Giffuni <pfg@FreeBSD.org> wrote:
>>
>>> Yes, but I reverted it because there are other ways to check for overflows without the performance hit.
>>
>
> FWIW, in this particular case I think the overflow simply doesn't happen: apparently it is easier to be hit by a DoS first.
>
>
>> Do we have a good reusable routine for doing this somewhere? Clang and gcc both have some idiom recognisers that try to spot when people are attempting to do this. Clang also has a builtin, which would be good to use when available. Overflow checking is very cheap on modern CPUs (add, branch on carry), so it would be nice if we could start looking for this malloc() and realloc() pattern and replacing the multiply with something that checks for the error.
>>
>
> We don't. OpenBSD introduced an extension: reallocarray().

We do. reallocf(), which first appeared in FreeBSD 3.0.

Warner
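
The malloc()/realloc() pattern raised in the quoted text, as an added example that is not code from this thread or from FreeBSD: a size multiply that reports overflow, using the compiler builtin when it is available and a division check otherwise. The names checked_mul and checked_reallocarray are hypothetical, and the NULL/ENOMEM contract is an assumption modelled on OpenBSD's reallocarray().

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#ifndef __has_builtin
#define __has_builtin(x) 0
#endif

/* Hypothetical helper: store nmemb * size in *out.
 * Returns 1 if the product does not fit in size_t, else 0. */
static int
checked_mul(size_t nmemb, size_t size, size_t *out)
{
#if __has_builtin(__builtin_mul_overflow) || (defined(__GNUC__) && __GNUC__ >= 5)
	/* Compiler builtin: a multiply plus a branch on the overflow flag. */
	return (__builtin_mul_overflow(nmemb, size, out) ? 1 : 0);
#else
	/* Portable fallback: one division instead of a flag test. */
	if (size != 0 && nmemb > SIZE_MAX / size)
		return (1);
	*out = nmemb * size;
	return (0);
#endif
}

/* Hypothetical wrapper; contract assumed from OpenBSD's reallocarray():
 * on overflow return NULL with errno = ENOMEM and leave ptr untouched. */
static void *
checked_reallocarray(void *ptr, size_t nmemb, size_t size)
{
	size_t total;

	if (checked_mul(nmemb, size, &total)) {
		errno = ENOMEM;
		return (NULL);
	}
	return (realloc(ptr, total));
}

int
main(void)
{
	size_t n = SIZE_MAX / 2 + 2;	/* constructed element count */

	/* Unchecked: n * 2 wraps to 2, so realloc(p, n * 2) would "succeed". */
	printf("unchecked product: %zu\n", n * 2);
	printf("checked call returns: %p\n", checked_reallocarray(NULL, n, 2));
	return (0);
}
```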