Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 17 Jan 2018 18:18:33 +0000 (UTC)
From:      "Pedro F. Giffuni" <pfg@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r328093 - in head/sys/ufs: ffs ufs
Message-ID:  <201801171818.w0HIIXhv009277@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: pfg
Date: Wed Jan 17 18:18:33 2018
New Revision: 328093
URL: https://svnweb.freebsd.org/changeset/base/328093

Log:
  ufs: use mallocarray(9).
  
  Basic use of mallocarray to prevent overflows: static analyzers are also
  likely to perform additional checks.
  
  Since mallocarray expects unsigned parameters, unsign some
  related variables to minimize sign conversions.
  
  Reviewed by:	mckusick

Modified:
  head/sys/ufs/ffs/ffs_snapshot.c
  head/sys/ufs/ffs/ffs_softdep.c
  head/sys/ufs/ufs/ufs_vnops.c

Modified: head/sys/ufs/ffs/ffs_snapshot.c
==============================================================================
--- head/sys/ufs/ffs/ffs_snapshot.c	Wed Jan 17 17:58:24 2018	(r328092)
+++ head/sys/ufs/ffs/ffs_snapshot.c	Wed Jan 17 18:18:33 2018	(r328093)
@@ -648,7 +648,7 @@ loop:
 	 * keep us out of deadlock until the full one is ready.
 	 */
 	if (xp == NULL) {
-		snapblklist = malloc(snaplistsize * sizeof(daddr_t),
+		snapblklist = mallocarray(snaplistsize, sizeof(daddr_t),
 		    M_UFSMNT, M_WAITOK);
 		blkp = &snapblklist[1];
 		*blkp++ = lblkno(fs, fs->fs_sblockloc);
@@ -729,7 +729,7 @@ out1:
 	/*
 	 * Allocate space for the full list of preallocated snapshot blocks.
 	 */
-	snapblklist = malloc(snaplistsize * sizeof(daddr_t),
+	snapblklist = mallocarray(snaplistsize, sizeof(daddr_t),
 	    M_UFSMNT, M_WAITOK);
 	ip->i_snapblklist = &snapblklist[1];
 	/*

Modified: head/sys/ufs/ffs/ffs_softdep.c
==============================================================================
--- head/sys/ufs/ffs/ffs_softdep.c	Wed Jan 17 17:58:24 2018	(r328092)
+++ head/sys/ufs/ffs/ffs_softdep.c	Wed Jan 17 18:18:33 2018	(r328093)
@@ -2466,7 +2466,8 @@ softdep_mount(devvp, mp, fs, cred)
 	struct ufsmount *ump;
 	struct cg *cgp;
 	struct buf *bp;
-	int i, error, cyl;
+	u_int cyl, i;
+	int error;
 
 	sdp = malloc(sizeof(struct mount_softdeps), M_MOUNTDATA,
 	    M_WAITOK | M_ZERO);
@@ -2500,7 +2501,7 @@ softdep_mount(devvp, mp, fs, cred)
 	ump->bmsafemap_hashtbl = hashinit(1024, M_BMSAFEMAP,
 	    &ump->bmsafemap_hash_size);
 	i = 1 << (ffs(desiredvnodes / 10) - 1);
-	ump->indir_hashtbl = malloc(i * sizeof(struct indir_hashhead),
+	ump->indir_hashtbl = mallocarray(i, sizeof(struct indir_hashhead),
 	    M_FREEWORK, M_WAITOK);
 	ump->indir_hash_size = i - 1;
 	for (i = 0; i <= ump->indir_hash_size; i++)
@@ -2627,8 +2628,8 @@ jblocks_create(void)
 	jblocks = malloc(sizeof(*jblocks), M_JBLOCKS, M_WAITOK | M_ZERO);
 	TAILQ_INIT(&jblocks->jb_segs);
 	jblocks->jb_avail = 10;
-	jblocks->jb_extent = malloc(sizeof(struct jextent) * jblocks->jb_avail,
-	    M_JBLOCKS, M_WAITOK | M_ZERO);
+	jblocks->jb_extent = mallocarray(jblocks->jb_avail,
+	    sizeof(struct jextent), M_JBLOCKS, M_WAITOK | M_ZERO);
 
 	return (jblocks);
 }
@@ -2713,7 +2714,7 @@ jblocks_add(jblocks, daddr, blocks)
 	/* Adding a new extent. */
 	if (++jblocks->jb_used == jblocks->jb_avail) {
 		jblocks->jb_avail *= 2;
-		jext = malloc(sizeof(struct jextent) * jblocks->jb_avail,
+		jext = mallocarray(jblocks->jb_avail, sizeof(struct jextent),
 		    M_JBLOCKS, M_WAITOK | M_ZERO);
 		memcpy(jext, jblocks->jb_extent,
 		    sizeof(struct jextent) * jblocks->jb_used);

Modified: head/sys/ufs/ufs/ufs_vnops.c
==============================================================================
--- head/sys/ufs/ufs/ufs_vnops.c	Wed Jan 17 17:58:24 2018	(r328092)
+++ head/sys/ufs/ufs/ufs_vnops.c	Wed Jan 17 18:18:33 2018	(r328093)
@@ -2170,7 +2170,7 @@ ufs_readdir(ap)
 	off_t offset, startoffset;
 	size_t readcnt, skipcnt;
 	ssize_t startresid;
-	int ncookies;
+	u_int ncookies;
 	int error;
 
 	if (uio->uio_offset < 0)
@@ -2185,7 +2185,8 @@ ufs_readdir(ap)
 		else if (ip->i_size - uio->uio_offset < ncookies)
 			ncookies = ip->i_size - uio->uio_offset;
 		ncookies = ncookies / (offsetof(struct direct, d_name) + 4) + 1;
-		cookies = malloc(ncookies * sizeof(*cookies), M_TEMP, M_WAITOK);
+		cookies = mallocarray(ncookies, sizeof(*cookies), M_TEMP,
+		    M_WAITOK);
 		*ap->a_ncookies = ncookies;
 		*ap->a_cookies = cookies;
 	} else {



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801171818.w0HIIXhv009277>