From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oa1-x35.google.com (mail-oa1-x35.google.com [IPv6:2001:4860:4864:20::35]) by sourceware.org (Postfix) with ESMTPS id 2626E3858D28 for ; Mon, 28 Aug 2023 16:52:35 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 2626E3858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-oa1-x35.google.com with SMTP id 586e51a60fabf-1c50438636fso2302389fac.1 for ; Mon, 28 Aug 2023 09:52:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1693241553; x=1693846353; h=content-transfer-encoding:in-reply-to:organization:from:references :to:content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=0e/vSQcm0AlIrfpsEyrmVzyaF5se+1GgUsztO+Cgx84=; b=N+sCvgP2fQRRb00GGtshXa48N03ZT57daWURc5TC3T5yNkzGgd3E+ZL/E/yIRB4UUj OiyEJ7QrJeKMW1wk1IFWN/dy4umdykNdvw26GeaXUhDurUNo6V5ng9UZJ8GOKsf2AhZF rR4Ws9bdCvGdk5N90o2DCk2cvPsvh6tvxGrGgNk2/Nrx7izIueBG10fw94OAdfrbotfb B4nP/sGrslsy6iFox+iqJtI13TebZfd3lo1VR4+PMNgmJwgHcoBVKfVAVua33TFYul5D MZ98jFvPU0RhpHsEceQ0qV6yoUirNvnEIOpE7i/+hBIHsKoPcPhvVzbcl/GIVmmo13ss n/YA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693241553; x=1693846353; h=content-transfer-encoding:in-reply-to:organization:from:references :to:content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0e/vSQcm0AlIrfpsEyrmVzyaF5se+1GgUsztO+Cgx84=; b=FZ9mG6CvmviUnu+tkPkYoSq34DiXYkNUAl8Q0Anq4uoDGSm30HFhmkCGQW6ZxKzwwK AOkhmnH3wv5CYv2RjLBuQnhRibM/HYBsm0HCaTMV6Q5EdOsNHPq3uKnpP2/N4iqNEFKE l/1C178aUtQkn073dN+nPMO2cNCTYt+CfVSfFJ39Q5Y3DaT0znG9V3SYClFLLa/i23aT zHzMeDnlDj3gspu0zNxDFvGwGdqvTrB/jcq1fnhm3lP7jIHza/LW0Cr6yEBtYXodpJsd /lTiAL3zHGJHAEPJCG8HRS06Ishidjz2MVYEaoALiIJj83CxHkAeBRsGYbXqz467e/pu EgxQ== X-Gm-Message-State: AOJu0Yz844xSvnTjVTP11moPdixNT5SzeN6ogYYEjBjuXEpCmejMWxwY +z2m4a4pEqKVDbopKV3aBKmZWIbu+V225UkZULiXMQ== X-Google-Smtp-Source: AGHT+IHP973lhZO1XP5YTt26PkL9W46w5wNY8gtI55jrne86YYG1FqJCJX4IUMvTwDa6ljE0dmnBnw== X-Received: by 2002:a05:6870:b4a3:b0:1bf:b863:b6d with SMTP id y35-20020a056870b4a300b001bfb8630b6dmr12160992oap.1.1693241553704; Mon, 28 Aug 2023 09:52:33 -0700 (PDT) Received: from ?IPV6:2804:1b3:a7c3:578c:9c3a:f97c:ae6e:d589? ([2804:1b3:a7c3:578c:9c3a:f97c:ae6e:d589]) by smtp.gmail.com with ESMTPSA id l9-20020a4ab0c9000000b0055975f57993sm3790730oon.42.2023.08.28.09.52.32 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 28 Aug 2023 09:52:33 -0700 (PDT) Message-ID: <210fb967-9e1e-a429-e612-728ac2d24f91@linaro.org> Date: Mon, 28 Aug 2023 13:52:30 -0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.14.0 Subject: Re: [PATCH] argp-help: Get rid of alloca. Content-Language: en-US To: Joe Simmons-Talbott , libc-alpha@sourceware.org References: <20230712170206.3675587-1-josimmon@redhat.com> From: Adhemerval Zanella Netto Organization: Linaro In-Reply-To: <20230712170206.3675587-1-josimmon@redhat.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-13.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 12/07/23 14:02, Joe Simmons-Talbott via Libc-alpha wrote: > Replace alloca with a scratch_buffer to avoid potential stack overflow. > > Checked on x86_64-linux-gnu > --- > argp/argp-help.c | 26 +++++++++++++++++++++++--- > 1 file changed, 23 insertions(+), 3 deletions(-) > > diff --git a/argp/argp-help.c b/argp/argp-help.c > index d019ed58d2..a5982334f6 100644 > --- a/argp/argp-help.c > +++ b/argp/argp-help.c > @@ -40,6 +40,7 @@ char *alloca (); > # endif > #endif > > +#include > #include > #include > #include > @@ -1450,8 +1451,17 @@ hol_usage (struct hol *hol, argp_fmtstream_t stream) > { > unsigned nentries; > struct hol_entry *entry; > - char *short_no_arg_opts = alloca (strlen (hol->short_options) + 1); > - char *snao_end = short_no_arg_opts; > + struct scratch_buffer buf; > + scratch_buffer_init (&buf); > + char *short_no_arg_opts; > + char *snao_end; > + > + if (!scratch_buffer_set_array_size (&buf, 1, > + strlen (hol->short_options) + 1)) > + return; I am not sure how to properly handle memory allocation failures here, since the interface does have a way to return failures. On other places that call malloc, such as make_hol, it at least adds a assert. I think it should do the same here. > + short_no_arg_opts = buf.data; > + snao_end = short_no_arg_opts; > + > > /* First we put a list of short options without arguments. */ > for (entry = hol->entries, nentries = hol->num_entries > @@ -1478,6 +1488,8 @@ hol_usage (struct hol *hol, argp_fmtstream_t stream) > ; entry++, nentries--) > hol_entry_long_iterate (entry, usage_long_opt, > entry->argp->argp_domain, stream); > + > + scratch_buffer_free (&buf); > } > } > > @@ -1698,7 +1710,13 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream, > { > int first_pattern = 1, more_patterns; > size_t num_pattern_levels = argp_args_levels (argp); > - char *pattern_levels = alloca (num_pattern_levels); > + struct scratch_buffer buf; > + scratch_buffer_init (&buf); > + char *pattern_levels; > + > + if (!scratch_buffer_set_array_size (&buf, 1, num_pattern_levels)) > + return; > + pattern_levels = buf.data; > > memset (pattern_levels, 0, num_pattern_levels); > Same as before. > @@ -1746,6 +1764,8 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream, > first_pattern = 0; > } > while (more_patterns); > + > + scratch_buffer_free (&buf); > } > > if (flags & ARGP_HELP_PRE_DOC)