From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Iwal=CA=linaro.org=adhemerval.zanella@sourceware.org>
Received: from mail-oa1-x35.google.com (mail-oa1-x35.google.com [IPv6:2001:4860:4864:20::35])
	by sourceware.org (Postfix) with ESMTPS id 5E2623858D20
	for <libc-alpha@sourceware.org>; Mon, 12 Jun 2023 20:44:24 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5E2623858D20
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
Received: by mail-oa1-x35.google.com with SMTP id 586e51a60fabf-19fa4346498so2811827fac.1
        for <libc-alpha@sourceware.org>; Mon, 12 Jun 2023 13:44:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1686602663; x=1689194663;
        h=content-transfer-encoding:in-reply-to:organization:from:references
         :to:content-language:subject:user-agent:mime-version:date:message-id
         :from:to:cc:subject:date:message-id:reply-to;
        bh=5B0ofiRwzqtH/wFAgLc4XYzdH+sLJq7/cEjj3iaSP2Y=;
        b=bEO/sTLB0ECkHBLHcncEcaAb9CPTZgngp70kE3Xk+0cHl50uw5+M9xn2QGyUpTyZi6
         LcwI4lx4qxq9g/iqTh73kjdPYQqoUQVTfr//qCvLl2+8v3hoE6LyMfafKnsONuXRICQY
         Pwuzib5cvxNIv56li/RP+45Ics9xQijtX3l3ZojIoqfj5jHGmK0AaIxT4PGWiTbGayZk
         GGtRN21QfiheD6c0x3+WZwCVOi52IGwL5eTdUWWv7cyck0xi95IkC2Uh8/yt7rZKAgIM
         AHKtk/yfQh7w2xThaNDrCss7jU+99u+iIxPehB+lqZznGideNnk6rAeRXwF9YFgvzrub
         V+wQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1686602663; x=1689194663;
        h=content-transfer-encoding:in-reply-to:organization:from:references
         :to:content-language:subject:user-agent:mime-version:date:message-id
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=5B0ofiRwzqtH/wFAgLc4XYzdH+sLJq7/cEjj3iaSP2Y=;
        b=ADbL/aFotrPLJpeqw3J7fFKZoZEwq0f9E67UmJdX2wnShw2CNXiQC0x06nPhKATtGG
         /afcEU2ZH2LQGmzFfeK8qPgpPeKwA9ixqi3QebebQIX82djVpTiOVH77IO/q6oFMbz0y
         weHMbvd2Tx8kbGXukyf445dwqC1NmZpkQ9lMTyU7CQxiZCr9mRXqb9JbOuXYRvBm3LeL
         231VEm6l4Dgg/Taih804aDogXiM4k85tzpz7H3R+T4XF6ym2KaX7YLyZYj9SxEn7/BZA
         pAPdkMKfUNMpGJXnljVwnCTAzliotCUPhM4sinZ+zPvmy/8PFRTqMeKTAEXJRMr0Iogk
         KzEA==
X-Gm-Message-State: AC+VfDxno3fPBWOc0N7z0JQCTheQjJyRT/UoZ+3jsB/tOVArPW8bSw1l
	My0lHWw9trg+dc7vgdGOzjOmS0JRBzW2XdIHFaSIcw==
X-Google-Smtp-Source: ACHHUZ51agfxvedhMV0HJH+LK2kTQqAbWt518snzyY5aevLTx9xYwqs4mI835PXSYgXizP4EPLHEUg==
X-Received: by 2002:a05:6870:715:b0:19f:9fe7:9341 with SMTP id ea21-20020a056870071500b0019f9fe79341mr6907147oab.12.1686602663065;
        Mon, 12 Jun 2023 13:44:23 -0700 (PDT)
Received: from ?IPV6:2804:1b3:a7c2:8501:140e:99f1:7d92:1ee7? ([2804:1b3:a7c2:8501:140e:99f1:7d92:1ee7])
        by smtp.gmail.com with ESMTPSA id cm38-20020a056870b62600b001968dd2e1fesm6443708oab.3.2023.06.12.13.44.21
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Mon, 12 Jun 2023 13:44:22 -0700 (PDT)
Message-ID: <2f5bbb26-1914-3cbb-9f72-11c5608eb2a6@linaro.org>
Date: Mon, 12 Jun 2023 17:44:19 -0300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
 Gecko/20100101 Thunderbird/102.12.0
Subject: Re: [PATCH v5] ifaddrs: Get rid of alloca
Content-Language: en-US
To: Joe Simmons-Talbott <josimmon@redhat.com>, libc-alpha@sourceware.org
References: <20230601164326.3697401-1-josimmon@redhat.com>
From: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Organization: Linaro
In-Reply-To: <20230601164326.3697401-1-josimmon@redhat.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>



On 01/06/23 13:43, Joe Simmons-Talbott via Libc-alpha wrote:
> Use scratch_buffer and malloc rather than alloca to avoid potential stack
> overflows.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

> ---
> Changes to v4:
>   * Don't use a cleanup handler.
> 
>  sysdeps/unix/sysv/linux/ifaddrs.c | 46 ++++++++++++++-----------------
>  1 file changed, 20 insertions(+), 26 deletions(-)
> 
> diff --git a/sysdeps/unix/sysv/linux/ifaddrs.c b/sysdeps/unix/sysv/linux/ifaddrs.c
> index 184ee224cb..a10e8d9292 100644
> --- a/sysdeps/unix/sysv/linux/ifaddrs.c
> +++ b/sysdeps/unix/sysv/linux/ifaddrs.c
> @@ -16,13 +16,13 @@
>     License along with the GNU C Library; if not, see
>     <https://www.gnu.org/licenses/>.  */
>  
> -#include <alloca.h>
>  #include <assert.h>
>  #include <errno.h>
>  #include <ifaddrs.h>
>  #include <net/if.h>
>  #include <netinet/in.h>
>  #include <netpacket/packet.h>
> +#include <scratch_buffer.h>
>  #include <stdbool.h>
>  #include <stdint.h>
>  #include <stdlib.h>
> @@ -131,26 +131,14 @@ __netlink_request (struct netlink_handle *h, int type)
>    ssize_t read_len;
>    bool done = false;
>  
> -#ifdef PAGE_SIZE
> -  /* Help the compiler optimize out the malloc call if PAGE_SIZE
> -     is constant and smaller or equal to PTHREAD_STACK_MIN/4.  */
> -  const size_t buf_size = PAGE_SIZE;
> -#else
> -  const size_t buf_size = __getpagesize ();
> -#endif
> -  bool use_malloc = false;
> -  char *buf;
> -
> -  if (__libc_use_alloca (buf_size))
> -    buf = alloca (buf_size);
> -  else
> -    {
> -      buf = malloc (buf_size);
> -      if (buf != NULL)
> -	use_malloc = true;
> -      else
> -	goto out_fail;
> -    }
> +  /* Netlink requires that user buffer needs to be either 8kb or page size
> +     (whichever is bigger), however this has been changed over time and now
> +     8Kb is sufficient (check NLMSG_DEFAULT_SIZE on Linux
> +     linux/include/linux/netlink.h).  */
> +  const size_t buf_size = 8192;
> +  char *buf = malloc (buf_size);
> +  if (buf == NULL)
> +    goto out_fail;
>  
>    struct iovec iov = { buf, buf_size };
>  
> @@ -229,13 +217,11 @@ __netlink_request (struct netlink_handle *h, int type)
>        h->end_ptr = nlm_next;
>      }
>  
> -  if (use_malloc)
> -    free (buf);
> +  free(buf);
>    return 0;
>  
>  out_fail:
> -  if (use_malloc)
> -    free (buf);
> +  free(buf);
>    return -1;
>  }
>  
> @@ -324,6 +310,8 @@ getifaddrs_internal (struct ifaddrs **ifap)
>    char *ifa_data_ptr;	/* Pointer to the unused part of memory for
>  				ifa_data.  */
>    int result = 0;
> +  struct scratch_buffer buf;
> +  scratch_buffer_init (&buf);
>  
>    *ifap = NULL;
>  
> @@ -425,7 +413,12 @@ getifaddrs_internal (struct ifaddrs **ifap)
>      }
>  
>    /* Table for mapping kernel index to entry in our list.  */
> -  map_newlink_data = alloca (newlink * sizeof (int));
> +  if (!scratch_buffer_set_array_size (&buf, 1, newlink * sizeof (int)))
> +    {
> +      result = -1;
> +      goto exit_free;
> +    }
> +  map_newlink_data = buf.data;
>    memset (map_newlink_data, '\xff', newlink * sizeof (int));
>  
>    ifa_data_ptr = (char *) &ifas[newlink + newaddr];
> @@ -820,6 +813,7 @@ getifaddrs_internal (struct ifaddrs **ifap)
>   exit_free:
>    __netlink_free_handle (&nh);
>    __netlink_close (&nh);
> +  scratch_buffer_free (&buf);
>  
>    return result;
>  }