From owner-svn-src-head@FreeBSD.ORG Fri May 1 19:22:52 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0BFA8218; Fri, 1 May 2015 19:22:52 +0000 (UTC) Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9886711A2; Fri, 1 May 2015 19:22:51 +0000 (UTC) Received: by widdi4 with SMTP id di4so61440796wid.0; Fri, 01 May 2015 12:22:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=bZ/RqG39aTDAFIIVNoKCqfHZgQCs2lgK6rVS76KYZn0=; b=AwXGYZHsgXvGI7PVdVQyN7bLOUVMqgpsSPLcM7mo0TkSBcbTSN5Hcs5j4Fsh20LLAg geE1mgWolVXL4MhxdJM57/43rz1L995e4bndOs/Jrt+d8VS5R8xTJ6VY8EFyalq7YRSo sD+DBXT50r1vzoU9+h1/QD7EsXN+sCmzWLPRm7wuw8BHNexl/64llO585o9jY+JUrUaB rMdr+EknM0cZdCtj/sMfuA97JeWc+YQl2UZKZmi+oKDB75Ywz7GDjlC5JB5sZU04qQPj CrHF5uMjmasceq3H5w5+5X0qsrtNQzCEg/Dc/bwqQXOvqgpTqZ/Hf2yj4BJm3ytX4m6b Bw/A== MIME-Version: 1.0 X-Received: by 10.194.80.5 with SMTP id n5mr20619531wjx.123.1430508170163; Fri, 01 May 2015 12:22:50 -0700 (PDT) Sender: pluknet@gmail.com Received: by 10.27.80.202 with HTTP; Fri, 1 May 2015 12:22:50 -0700 (PDT) In-Reply-To: <201505011832.t41IWGSs002284@svn.freebsd.org> References: <201505011832.t41IWGSs002284@svn.freebsd.org> Date: Fri, 1 May 2015 22:22:50 +0300 X-Google-Sender-Auth: XQpzbHwYPrpRKmafkzUyFMOYL_4 Message-ID: Subject: Re: svn commit: r282314 - in head: include lib/libc/stdlib From: Sergey Kandaurov To: Baptiste Daroussin Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 May 2015 19:22:52 -0000 On 1 May 2015 at 21:32, Baptiste Daroussin wrote: > Author: bapt > Date: Fri May 1 18:32:16 2015 > New Revision: 282314 > URL: https://svnweb.freebsd.org/changeset/base/282314 > > Log: > Import reallocarray(3) from OpenBSD > > Add a manpage for it, assign the copyright to the OpenBSD project on it since it > is mostly copy/paste from OpenBSD manpage. > style(9) fixes >[..] > Added: head/lib/libc/stdlib/reallocarray.3 > ============================================================================== > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ head/lib/libc/stdlib/reallocarray.3 Fri May 1 18:32:16 2015 (r282314) > @@ -0,0 +1,136 @@ > +.\" Copyright (c) 2015 OpenBSD > +.\" All rights reserved. This copyright notice looks suspicious. > +.\" > +.\" This code is derived from software contributed to Berkeley by > +.\" the American National Standards Committee X3, on Information > +.\" Processing Systems. > +.\" > +.\" Redistribution and use in source and binary forms, with or without > +.\" modification, are permitted provided that the following conditions > +.\" are met: > +.\" 1. Redistributions of source code must retain the above copyright > +.\" notice, this list of conditions and the following disclaimer. > +.\" 2. Redistributions in binary form must reproduce the above copyright > +.\" notice, this list of conditions and the following disclaimer in the > +.\" documentation and/or other materials provided with the distribution. > +.\" > +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND > +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE > +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS > +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT > +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > +.\" SUCH DAMAGE. > +.\" > +.\" $FreeBSD$ > +.\" > +.Dd May 1, 2015 > +.Dt REALLOCARRAY 3 > +.Os > +.Sh NAME > +.Nm reallocarray > +.Nd memory reallocation function > +.Sh LIBRARY > +.Lb libc > +.Sh SYNOPSIS > +.In stdlib.h > +.Ft void * > +.Fn reallocarray "void *ptr" "size_t nmemb" "size_t size" > +.Sh DESCRIPTION > +The > +.Fn reallocarray > +except it operates on This is not parseable. > +.Fa nmemb > +members of size > +.Fa size > +and checks for integer overflow in the calculation > +.Fa nmemb > +* > +.Fa size . > +.Sh RETURN VALUES > +.Fn reallocarray > +return a pointer to the allocated space; otherwise, a > +.Dv NULL > +pointer is returned and > +.Va errno > +is set to > +.Er ENOMEM . > +.Sh EXAMPLES > +Consider > +.Fn reallocarray > +when there is multiplication in the > +.Fa size > +argument of > +.Fn malloc > +or > +.Fn realloc . > +For example, avoid this common idiom as it may lead to integer overflow: > +.Bd -literal -offset indent > +if ((p = malloc(num * size)) == NULL) > + err(1, "malloc"); > +.Ed > +.Pp > +A drop-in replacement is the > +.Ox > +extension > +.Fn reallocarray : > +.Bd -literal -offset indent > +if ((p = reallocarray(NULL, num, size)) == NULL) > + err(1, "reallocarray"); > +.Ed > +.Pp > +When using > +.Fn realloc , > +be careful to avoid the following idiom: > +.Bd -literal -offset indent > +size += 50; > +if ((p = realloc(p, size)) == NULL) > + return (NULL); > +.Ed > +.Pp > +Do not adjust the variable describing how much memory has been allocated > +until the allocation has been successful. > +This can cause aberrant program behavior if the incorrect size value is used. > +In most cases, the above sample will also result in a leak of memory. > +As stated earlier, a return value of > +.Dv NULL > +indicates that the old object still remains allocated. > +Better code looks like this: > +.Bd -literal -offset indent > +newsize = size + 50; > +if ((newp = realloc(p, newsize)) == NULL) { > + free(p); > + p = NULL; > + size = 0; > + return (NULL); > +} > +p = newp; > +size = newsize; > +.Ed > +.Pp > +As with > +.Fn malloc , > +it is important to ensure the new size value will not overflow; > +i.e. avoid allocations like the following: > +.Bd -literal -offset indent > +if ((newp = realloc(p, num * size)) == NULL) { > + ... > +.Ed > +.Pp > +Instead, use > +.Fn reallocarray : > +.Bd -literal -offset indent > +if ((newp = reallocarray(p, num, size)) == NULL) { > + ... > +.Ed > +.Sh SEE ALSO > +.Xr realloc 3 > +.Sh HISTORY > +The > +.Fn reallocf > +function first appeared in > +.Ox 5.6 . This looks unrelative and untrue. -- wbr, pluknet