[PATCH] getaddrinfo: Get rid of alloca
Joe Simmons-Talbott
josimmon@redhat.com
Fri Jun 30 14:42:21 GMT 2023
On Fri, Jun 30, 2023 at 10:15:48AM -0300, Adhemerval Zanella Netto wrote:
>
>
> On 20/06/23 18:40, Joe Simmons-Talbott via Libc-alpha wrote:
> > Use a scratch_buffer rather than alloca to avoid potential stack
> > overflow.
> > ---
> > sysdeps/posix/getaddrinfo.c | 22 ++++++++--------------
> > 1 file changed, 8 insertions(+), 14 deletions(-)
> >
> > diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
> > index 0356b622be..442475d621 100644
> > --- a/sysdeps/posix/getaddrinfo.c
> > +++ b/sysdeps/posix/getaddrinfo.c
> > @@ -2404,22 +2404,17 @@ getaddrinfo (const char *name, const char *service,
> > struct addrinfo *q;
> > struct addrinfo *last = NULL;
> > char *canonname = NULL;
> > - bool malloc_results;
> > size_t alloc_size = nresults * (sizeof (*results) + sizeof (size_t));
> > + struct scratch_buffer buf;
> > + scratch_buffer_init (&buf);
> >
> > - malloc_results
> > - = !__libc_use_alloca (alloc_size);
> > - if (malloc_results)
> > + if (!scratch_buffer_set_array_size (&buf, 1, alloc_size))
>
> I think it would be better to use:
>
> if (!scratch_buffer_set_array_size (&buf, nresults,
> sizeof (*results) + sizeof (size_t)))
> [...]
>
> To use the overflow checks done by scratch_buffer_set_array_size (
> sizeof (*results) + sizeof (size_t) is always safe so I think there is no
> need to add extra checks).
You are correct. Thanks for catching that and for the review. I've
pushed your suggestion as v2.
Thanks,
Joe
More information about the Libc-alpha
mailing list