From owner-svn-src-head@freebsd.org Wed Jan 17 18:18:34 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ED185E7EE0B; Wed, 17 Jan 2018 18:18:34 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C98F67B0C4; Wed, 17 Jan 2018 18:18:34 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1DDA112EF6; Wed, 17 Jan 2018 18:18:34 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w0HIIXS7009280; Wed, 17 Jan 2018 18:18:33 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w0HIIXhv009277; Wed, 17 Jan 2018 18:18:33 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201801171818.w0HIIXhv009277@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Wed, 17 Jan 2018 18:18:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r328093 - in head/sys/ufs: ffs ufs X-SVN-Group: head X-SVN-Commit-Author: pfg X-SVN-Commit-Paths: in head/sys/ufs: ffs ufs X-SVN-Commit-Revision: 328093 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jan 2018 18:18:35 -0000 Author: pfg Date: Wed Jan 17 18:18:33 2018 New Revision: 328093 URL: https://svnweb.freebsd.org/changeset/base/328093 Log: ufs: use mallocarray(9). Basic use of mallocarray to prevent overflows: static analyzers are also likely to perform additional checks. Since mallocarray expects unsigned parameters, unsign some related variables to minimize sign conversions. Reviewed by: mckusick Modified: head/sys/ufs/ffs/ffs_snapshot.c head/sys/ufs/ffs/ffs_softdep.c head/sys/ufs/ufs/ufs_vnops.c Modified: head/sys/ufs/ffs/ffs_snapshot.c ============================================================================== --- head/sys/ufs/ffs/ffs_snapshot.c Wed Jan 17 17:58:24 2018 (r328092) +++ head/sys/ufs/ffs/ffs_snapshot.c Wed Jan 17 18:18:33 2018 (r328093) @@ -648,7 +648,7 @@ loop: * keep us out of deadlock until the full one is ready. */ if (xp == NULL) { - snapblklist = malloc(snaplistsize * sizeof(daddr_t), + snapblklist = mallocarray(snaplistsize, sizeof(daddr_t), M_UFSMNT, M_WAITOK); blkp = &snapblklist[1]; *blkp++ = lblkno(fs, fs->fs_sblockloc); @@ -729,7 +729,7 @@ out1: /* * Allocate space for the full list of preallocated snapshot blocks. */ - snapblklist = malloc(snaplistsize * sizeof(daddr_t), + snapblklist = mallocarray(snaplistsize, sizeof(daddr_t), M_UFSMNT, M_WAITOK); ip->i_snapblklist = &snapblklist[1]; /* Modified: head/sys/ufs/ffs/ffs_softdep.c ============================================================================== --- head/sys/ufs/ffs/ffs_softdep.c Wed Jan 17 17:58:24 2018 (r328092) +++ head/sys/ufs/ffs/ffs_softdep.c Wed Jan 17 18:18:33 2018 (r328093) @@ -2466,7 +2466,8 @@ softdep_mount(devvp, mp, fs, cred) struct ufsmount *ump; struct cg *cgp; struct buf *bp; - int i, error, cyl; + u_int cyl, i; + int error; sdp = malloc(sizeof(struct mount_softdeps), M_MOUNTDATA, M_WAITOK | M_ZERO); @@ -2500,7 +2501,7 @@ softdep_mount(devvp, mp, fs, cred) ump->bmsafemap_hashtbl = hashinit(1024, M_BMSAFEMAP, &ump->bmsafemap_hash_size); i = 1 << (ffs(desiredvnodes / 10) - 1); - ump->indir_hashtbl = malloc(i * sizeof(struct indir_hashhead), + ump->indir_hashtbl = mallocarray(i, sizeof(struct indir_hashhead), M_FREEWORK, M_WAITOK); ump->indir_hash_size = i - 1; for (i = 0; i <= ump->indir_hash_size; i++) @@ -2627,8 +2628,8 @@ jblocks_create(void) jblocks = malloc(sizeof(*jblocks), M_JBLOCKS, M_WAITOK | M_ZERO); TAILQ_INIT(&jblocks->jb_segs); jblocks->jb_avail = 10; - jblocks->jb_extent = malloc(sizeof(struct jextent) * jblocks->jb_avail, - M_JBLOCKS, M_WAITOK | M_ZERO); + jblocks->jb_extent = mallocarray(jblocks->jb_avail, + sizeof(struct jextent), M_JBLOCKS, M_WAITOK | M_ZERO); return (jblocks); } @@ -2713,7 +2714,7 @@ jblocks_add(jblocks, daddr, blocks) /* Adding a new extent. */ if (++jblocks->jb_used == jblocks->jb_avail) { jblocks->jb_avail *= 2; - jext = malloc(sizeof(struct jextent) * jblocks->jb_avail, + jext = mallocarray(jblocks->jb_avail, sizeof(struct jextent), M_JBLOCKS, M_WAITOK | M_ZERO); memcpy(jext, jblocks->jb_extent, sizeof(struct jextent) * jblocks->jb_used); Modified: head/sys/ufs/ufs/ufs_vnops.c ============================================================================== --- head/sys/ufs/ufs/ufs_vnops.c Wed Jan 17 17:58:24 2018 (r328092) +++ head/sys/ufs/ufs/ufs_vnops.c Wed Jan 17 18:18:33 2018 (r328093) @@ -2170,7 +2170,7 @@ ufs_readdir(ap) off_t offset, startoffset; size_t readcnt, skipcnt; ssize_t startresid; - int ncookies; + u_int ncookies; int error; if (uio->uio_offset < 0) @@ -2185,7 +2185,8 @@ ufs_readdir(ap) else if (ip->i_size - uio->uio_offset < ncookies) ncookies = ip->i_size - uio->uio_offset; ncookies = ncookies / (offsetof(struct direct, d_name) + 4) + 1; - cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK); + cookies = mallocarray(ncookies, sizeof(*cookies), M_TEMP, + M_WAITOK); *ap->a_ncookies = ncookies; *ap->a_cookies = cookies; } else {