From: Zack Weinberg <zackw@panix.com>
To: "Dennis Wölfing" <denniswoelfing@gmx.de>
Cc: GNU C Library <libc-alpha@sourceware.org>
Subject: Re: [PATCH] Add reallocarray function.
Date: Mon, 10 Apr 2017 15:18:00 -0000 [thread overview]
Message-ID: <CAKCAbMgJXHvNe+OnqNAYmHhbt0LqJMbPdhaQrjAGUxM1Y7ZezQ@mail.gmail.com> (raw)
In-Reply-To: <20170410150053.10208-1-denniswoelfing@gmx.de>
On Mon, Apr 10, 2017 at 11:00 AM, Dennis Wölfing <denniswoelfing@gmx.de> wrote:
> The reallocarray function is an extension from OpenBSD. It is an
> integer-overflow-safe replacement for realloc(p, X*Y) and
> malloc(X*Y) (realloc(NULL, X*Y)). It can therefore help in preventing
> certain security issues in code.
>
> This is an updated version of a patch originally submitted by Rüdiger
> Sonderfeld in May 2014.
> See <https://sourceware.org/ml/libc-alpha/2014-05/msg00481.html>.
I agree in principle with adding this function. I skimmed the patch
and it seems to be mostly the Right Thing. I do have two concerns:
* There do not appear to be any uses of the internal aliases
__libc_reallocarray and __reallocarray. Have you audited glibc itself
for places that should use reallocarray? If you haven't, would you be
willing to do that? This will determine whether we actually need
those aliases.
* Please add documentation for reallocarray. It belongs in
manual/memory.texi, in the "Changing Block Size" section. This is the
place to explain when and why one should use reallocarray instead of
realloc.
zw
next prev parent reply other threads:[~2017-04-10 15:18 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-10 15:01 Dennis Wölfing
2017-04-10 15:18 ` Zack Weinberg [this message]
2017-04-10 18:27 ` Dennis Wölfing
2017-04-16 13:19 ` Dennis Wölfing
2017-04-16 13:38 ` Florian Weimer
2017-04-10 16:03 ` Andreas Schwab
2017-04-11 7:55 ` Florian Weimer
2017-04-12 15:24 ` Dennis Wölfing
2017-04-12 16:35 ` Florian Weimer
2017-04-17 14:02 ` [PATCH v2] " Dennis Wölfing
2017-04-17 14:32 ` Florian Weimer
2017-04-17 14:34 ` Paul Eggert
2017-04-17 14:40 ` Dennis Wölfing
2017-04-17 14:44 ` Florian Weimer
2017-04-18 12:34 ` Carlos O'Donell
2017-04-18 14:29 ` Dennis Wölfing
2017-04-18 15:50 ` Carlos O'Donell
2017-04-18 15:57 ` Dennis Wölfing
2017-04-19 15:16 ` Joseph Myers
2017-04-19 15:02 ` Joseph Myers
2017-04-21 12:16 ` [PATCH v3] " Dennis Wölfing
2017-04-28 8:57 ` Dennis Wölfing
2017-05-08 7:07 ` Dennis Wölfing
2017-05-08 7:34 ` Florian Weimer
2017-05-10 13:03 ` [PATCH v4] " Dennis Wölfing
2017-05-10 21:29 ` DJ Delorie
2017-05-11 17:00 ` Dennis Wölfing
2017-05-11 17:28 ` DJ Delorie
2017-05-11 18:36 ` Dennis Wölfing
2017-05-11 18:41 ` DJ Delorie
2017-05-15 12:22 ` [PATCH v5] " Dennis Wölfing
2017-05-22 14:16 ` Dennis Wölfing
2017-05-22 18:24 ` DJ Delorie
2017-05-22 18:51 ` Zack Weinberg
2017-05-22 20:25 ` [PATCH v6] " Dennis Wölfing
2017-05-29 12:29 ` Dennis Wölfing
2017-05-30 16:02 ` DJ Delorie
2017-05-30 16:17 ` Zack Weinberg
2017-05-30 20:02 ` Dennis Wölfing
2017-05-30 20:35 ` Adhemerval Zanella
2017-05-30 20:38 ` Dennis Wölfing
2017-05-30 20:40 ` Adhemerval Zanella
2017-05-30 20:50 ` [PATCH v7] " Dennis Wölfing
2017-05-30 22:06 ` Adhemerval Zanella
2017-05-30 15:17 ` [PATCH v6] " Adhemerval Zanella
2017-05-30 20:02 ` Dennis Wölfing
2017-05-30 20:16 ` Florian Weimer
2017-05-30 20:27 ` Adhemerval Zanella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKCAbMgJXHvNe+OnqNAYmHhbt0LqJMbPdhaQrjAGUxM1Y7ZezQ@mail.gmail.com \
--to=zackw@panix.com \
--cc=denniswoelfing@gmx.de \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).