From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=TtyY=FS=redhat.com=ashankar@sourceware.org>
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by sourceware.org (Postfix) with ESMTPS id D8E993858CDB
	for <libc-alpha@sourceware.org>; Wed,  4 Oct 2023 13:09:28 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D8E993858CDB
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1696424968;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=R1fZNYJdYbuSB7sec/QWqUTfuaiO5drQfme+jYaty5A=;
	b=cXNYH1ae5qXvR9h86+fu3ccr0v2WutBQN1I9l6LZEHIk/u8ahT6Ld0VPMIEUEy9EtxfFKw
	nfuD+Ww/h69xP9zqNUqajCYgvBosQC1EhR2ivn6z0Gk/CTtW9tRusD9SXafriVT/kq069l
	yX8xBVW6IcPjGliyOsfjIMnwXsZFEew=
Received: from mail-pg1-f200.google.com (mail-pg1-f200.google.com
 [209.85.215.200]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-575-RfdJydduO0uL1Y_754My3Q-1; Wed, 04 Oct 2023 09:09:27 -0400
X-MC-Unique: RfdJydduO0uL1Y_754My3Q-1
Received: by mail-pg1-f200.google.com with SMTP id 41be03b00d2f7-5784ef4be4fso715320a12.1
        for <libc-alpha@sourceware.org>; Wed, 04 Oct 2023 06:09:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1696424966; x=1697029766;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=R1fZNYJdYbuSB7sec/QWqUTfuaiO5drQfme+jYaty5A=;
        b=H3/HMPllUmwPQX40/vdAoYxaUCItdchV6FnkCQOHEFT0u+7nRzyx6VgLO5NPttGzBV
         UR244sFvK4MfrJqsl9ZtVQ9ij5iC/63egXHoV3bxU4uLQjNCd5Jx4mW/D0ShxPTDJDaR
         qkx7zsy8yoPlthZkUmMjEK9wEgSdOroCfhKVQueTMcIxm6cq+1JEP4zlJcnplD1lPyDx
         s6PGuX01Rcmcc8Koc6x/bTXjaG6wvFScv2hdTxa4CLIMAbAnFgoEpV03rVkxwr+WHcXr
         257iKKVYT+YfD8hwx5PEFcE3AY9E5qGH6iVe581OHDNROYklHmTsQfDjlaSVvbo8/NMU
         5vHw==
X-Gm-Message-State: AOJu0YytpQDr5i3rt4lEjzd5xmYGoJ3OpztHwsEpXDY2hGwtqIrbSII8
	cb+dCEZpOJmR5TgNWCiRne9gMNuINW5+Di+NX63I4KrkFcWia1yd1o2SATl1qv3AZsT6o76Qtmy
	sz6ac4vAVPWvJL2KDk1ehA4TWDwcyiRRlqqsE
X-Received: by 2002:a17:90a:b396:b0:274:98aa:72d8 with SMTP id e22-20020a17090ab39600b0027498aa72d8mr3266121pjr.3.1696424966045;
        Wed, 04 Oct 2023 06:09:26 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IEd7gzTbft9l5GtVwALT62Azq98kaCXRCuRbVClSfj8kgi6EQ+b34N4UhfvlFY9Gj026rQf0HYRKK3mMb1uHds=
X-Received: by 2002:a17:90a:b396:b0:274:98aa:72d8 with SMTP id
 e22-20020a17090ab39600b0027498aa72d8mr3266108pjr.3.1696424965716; Wed, 04 Oct
 2023 06:09:25 -0700 (PDT)
MIME-Version: 1.0
References: <20230928141125.600816-1-josimmon@redhat.com>
In-Reply-To: <20230928141125.600816-1-josimmon@redhat.com>
From: Arjun Shankar <arjun@redhat.com>
Date: Wed, 4 Oct 2023 15:09:14 +0200
Message-ID: <CAG_osaa6AY1BsW7zn6Q1O789Vu7VGMDXCVvPsEWyTuBHk4aFqg@mail.gmail.com>
Subject: Re: [PATCH v2] nss: Get rid of alloca usage in makedb's write_output.
To: Joe Simmons-Talbott <josimmon@redhat.com>
Cc: libc-alpha@sourceware.org
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-12.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>

Hi Joe,

> Replace alloca usage with a scratch_buffer.
> ---
> Changes to v1:
>  * move scratch_buffer_free after the call to error ().
>
>  nss/makedb.c | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/nss/makedb.c b/nss/makedb.c
> index 48c8fe1333..67c3c4c893 100644
> --- a/nss/makedb.c
> +++ b/nss/makedb.c
> @@ -25,6 +25,7 @@
>  #include <inttypes.h>
>  #include <libintl.h>
>  #include <locale.h>
> +#include <scratch_buffer.h>
>  #include <search.h>
>  #include <stdbool.h>
>  #include <stdio.h>

OK.

> @@ -739,7 +740,16 @@ write_output (int fd)
>    struct nss_db_header *header;
>    uint64_t file_offset = (sizeof (struct nss_db_header)
>                           + (ndatabases * sizeof (header->dbs[0])));
> -  header = alloca (file_offset);
> +  struct scratch_buffer sbuf;
> +  scratch_buffer_init (&sbuf);
> +
> +
> +  if (!scratch_buffer_set_array_size (&sbuf, 1, file_offset))
> +    {
> +      error (0, errno, gettext ("failed to allocate memory"));
> +      return EXIT_FAILURE;
> +    }

The way scratch_buffer_init and scratch_buffer_set_array_size are
implemented currently, a failure of the set_array_size here looks like
it doesn't necessarily need a scratch_buffer_free to be called after
failure because there's nothing to be freed. But I think calling
scratch_buffer_free here before returning here is the safer bet.

> +  header = sbuf.data;
>
>    header->magic = NSS_DB_MAGIC;
>    header->ndbs = ndatabases;
> @@ -803,6 +813,7 @@ write_output (int fd)
>    if (writev (fd, iov, iov_nelts) != keydataoffset)
>      {
>        error (0, errno, gettext ("failed to write new database file"));
> +      scratch_buffer_free (&sbuf);
>        return EXIT_FAILURE;
>      }

OK.

>
> @@ -810,6 +821,7 @@ write_output (int fd)
>    DIAG_POP_NEEDS_COMMENT;
>  #endif
>
> +  scratch_buffer_free (&sbuf);
>    return EXIT_SUCCESS;
>  }

OK.

-- 
Arjun Shankar
he/him/his