[PATCH] malloc-debug: Return 0 on NULL input [BZ #28506]

[PATCH] malloc-debug: Return 0 on NULL input [BZ #28506]

[Siddhesh Poyarekar]

Hoist the NULL check for malloc_usable_size into its entry points in
malloc-debug and malloc and assume non-NULL in all callees.  This fixes
BZ #28506

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
---
 malloc/malloc-debug.c | 12 ++++++------
 malloc/malloc.c       | 23 ++++++++++-------------
 2 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/malloc/malloc-debug.c b/malloc/malloc-debug.c
index 9922ef5f25..5e954d7dc2 100644
--- a/malloc/malloc-debug.c
+++ b/malloc/malloc-debug.c
@@ -399,17 +399,17 @@ strong_alias (__debug_calloc, calloc)
 size_t
 malloc_usable_size (void *mem)
 {
+  if (mem == NULL)
+    return 0;
+
   if (__is_malloc_debug_enabled (MALLOC_MCHECK_HOOK))
     return mcheck_usable_size (mem);
   if (__is_malloc_debug_enabled (MALLOC_CHECK_HOOK))
     return malloc_check_get_size (mem);
 
-  if (mem != NULL)
-    {
-      mchunkptr p = mem2chunk (mem);
-     if (DUMPED_MAIN_ARENA_CHUNK (p))
-       return chunksize (p) - SIZE_SZ;
-    }
+  mchunkptr p = mem2chunk (mem);
+  if (DUMPED_MAIN_ARENA_CHUNK (p))
+    return chunksize (p) - SIZE_SZ;
 
   return musable (mem);
 }
diff --git a/malloc/malloc.c b/malloc/malloc.c
index 2ba1fee144..9a345572a1 100644
--- a/malloc/malloc.c
+++ b/malloc/malloc.c
@@ -5008,29 +5008,26 @@ static size_t
 musable (void *mem)
 {
   mchunkptr p;
-  if (mem != 0)
-    {
-      size_t result = 0;
+  size_t result = 0;
 
-      p = mem2chunk (mem);
+  p = mem2chunk (mem);
 
-      if (chunk_is_mmapped (p))
-	result = chunksize (p) - CHUNK_HDR_SZ;
-      else if (inuse (p))
-	result = memsize (p);
+  if (chunk_is_mmapped (p))
+    result = chunksize (p) - CHUNK_HDR_SZ;
+  else if (inuse (p))
+    result = memsize (p);
 
-      return result;
-    }
-  return 0;
+  return result;
 }
 
 #if IS_IN (libc)
 size_t
 __malloc_usable_size (void *m)
 {
-  size_t result;
+  size_t result = 0;
 
-  result = musable (m);
+  if (m != NULL)
+    result = musable (m);
   return result;
 }
 #endif
-- 
2.31.1

Re: [PATCH] malloc-debug: Return 0 on NULL input [BZ #28506]

[Siddhesh Poyarekar]

On 10/29/21 08:35, Siddhesh Poyarekar via Libc-alpha wrote:
> Hoist the NULL check for malloc_usable_size into its entry points in
> malloc-debug and malloc and assume non-NULL in all callees.  This fixes
> BZ #28506
> 
> Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Sorry that was a very lazy submission, I'm sending a v2 with a test and 
a better subject line.

Siddhesh

Re: [PATCH] malloc-debug: Return 0 on NULL input [BZ #28506]

[Richard W.M. Jones]

On Fri, Oct 29, 2021 at 08:35:28AM +0530, Siddhesh Poyarekar wrote:
> Hoist the NULL check for malloc_usable_size into its entry points in
> malloc-debug and malloc and assume non-NULL in all callees.  This fixes
> BZ #28506
> 
> Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
> ---
>  malloc/malloc-debug.c | 12 ++++++------
>  malloc/malloc.c       | 23 ++++++++++-------------
>  2 files changed, 16 insertions(+), 19 deletions(-)
> 
> diff --git a/malloc/malloc-debug.c b/malloc/malloc-debug.c
> index 9922ef5f25..5e954d7dc2 100644
> --- a/malloc/malloc-debug.c
> +++ b/malloc/malloc-debug.c
> @@ -399,17 +399,17 @@ strong_alias (__debug_calloc, calloc)
>  size_t
>  malloc_usable_size (void *mem)
>  {
> +  if (mem == NULL)
> +    return 0;
> +
>    if (__is_malloc_debug_enabled (MALLOC_MCHECK_HOOK))
>      return mcheck_usable_size (mem);
>    if (__is_malloc_debug_enabled (MALLOC_CHECK_HOOK))
>      return malloc_check_get_size (mem);
>  
> -  if (mem != NULL)
> -    {
> -      mchunkptr p = mem2chunk (mem);
> -     if (DUMPED_MAIN_ARENA_CHUNK (p))
> -       return chunksize (p) - SIZE_SZ;
> -    }
> +  mchunkptr p = mem2chunk (mem);
> +  if (DUMPED_MAIN_ARENA_CHUNK (p))
> +    return chunksize (p) - SIZE_SZ;
>  
>    return musable (mem);
>  }
> diff --git a/malloc/malloc.c b/malloc/malloc.c
> index 2ba1fee144..9a345572a1 100644
> --- a/malloc/malloc.c
> +++ b/malloc/malloc.c
> @@ -5008,29 +5008,26 @@ static size_t
>  musable (void *mem)
>  {
>    mchunkptr p;
> -  if (mem != 0)
> -    {
> -      size_t result = 0;
> +  size_t result = 0;
>  
> -      p = mem2chunk (mem);
> +  p = mem2chunk (mem);
>  
> -      if (chunk_is_mmapped (p))
> -	result = chunksize (p) - CHUNK_HDR_SZ;
> -      else if (inuse (p))
> -	result = memsize (p);
> +  if (chunk_is_mmapped (p))
> +    result = chunksize (p) - CHUNK_HDR_SZ;
> +  else if (inuse (p))
> +    result = memsize (p);
>  
> -      return result;
> -    }
> -  return 0;
> +  return result;
>  }
>  
>  #if IS_IN (libc)
>  size_t
>  __malloc_usable_size (void *m)
>  {
> -  size_t result;
> +  size_t result = 0;
>  
> -  result = musable (m);
> +  if (m != NULL)
> +    result = musable (m);
>    return result;
>  }
>  #endif

I'm not easily able to test libc changes.  However from visual
inspection of the patch it looks as if it fixes the
malloc_usable_size(NULL) case correctly, so:

Reviewed-by: Richard W.M. Jones <rjones@redhat.com>

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html