From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=Wu4u=CK=linaro.org=adhemerval.zanella@sourceware.org>
Received: from mail-oa1-x36.google.com (mail-oa1-x36.google.com [IPv6:2001:4860:4864:20::36])
	by sourceware.org (Postfix) with ESMTPS id 304C83858D35
	for <libc-alpha@sourceware.org>; Thu, 22 Jun 2023 13:48:02 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 304C83858D35
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=linaro.org
Received: by mail-oa1-x36.google.com with SMTP id 586e51a60fabf-1a9a2724a62so6550972fac.2
        for <libc-alpha@sourceware.org>; Thu, 22 Jun 2023 06:48:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google; t=1687441681; x=1690033681;
        h=content-transfer-encoding:in-reply-to:organization:from:references
         :to:content-language:subject:user-agent:mime-version:date:message-id
         :from:to:cc:subject:date:message-id:reply-to;
        bh=efZTCUmBm3CuFmA16HW8xFDaioohkf0GaePxjpWgnrY=;
        b=L1PF2N7tknXc+ByUDdLhog5X1fagJukck0jVqwLv+sE3hma0QCu6Dob63BZJVY8Klq
         F9w2992MN7TffeEopzlmiirYRbDcCD4mt6UmKJ68Pj1OYwwahDsQcDqxjRj09RvLnw54
         RvevMcREe5ME0Vy1EkyydakGjOVddBP00MJiQ7g+YYf5HDJy80OTnPkmzvjjeBCTLT5T
         bxI1f+/QynUpgfoj9NCIGjXT2v8FY7lJW7I6m2Yxz+pP6y5zYtA8dUhGD8C1O4DyqwIj
         X2KMW/sD6Yok5hZLwLTmEWE5NU+Aq5HUOk2XbcpUr+TE1ll5tX8/dMGBXGYl6zFdsgfU
         V8wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1687441681; x=1690033681;
        h=content-transfer-encoding:in-reply-to:organization:from:references
         :to:content-language:subject:user-agent:mime-version:date:message-id
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=efZTCUmBm3CuFmA16HW8xFDaioohkf0GaePxjpWgnrY=;
        b=IoC4gFZOhDl2/55ggXEkEQsICpAQt8XUXR28dB3ZawTPwlZpw2U0YNMUwUgn6BeQBw
         +Vnrw4lIwg+yMV58RGZR9QH2DwOj1MMH1qyuoGTqhNzHEj0r4+3QvgkUZzxUCDz0OzYI
         Wo6pEjXOT+xYvwPEhFQG2ql1EYgsZa2jb8ULi36ApdMPYWkIgGCMb5cb/rwfPKRYaGNC
         DQy/3kE6ZJb0z3+yBJaWB/t73xvE2nF2d0I8a2ouSqPcx9zHRDJGSrcCDyh08z8rXIEJ
         8VyhG4AmtbsO1VAxvI6gdLT80NbFklkPqAV3z6pSMnEhINFZBVW7+pKSvyZO5UDnXjbZ
         hD1A==
X-Gm-Message-State: AC+VfDzWqZIOYj2yO8ZUAtxCsg8eSS2Wa9wICzKe6T6D/ANxaW0SCVHZ
	TJOygH0ir5vJGFIDPolFT5n8LeWz0Z5cC6fqv8nKOQ==
X-Google-Smtp-Source: ACHHUZ7VhrbciSDIIFqjtsCQLd5RJ7DLjyvki7L7LaHpN0tKapRMsyPOKPLugtGPhel3blWwaXo1Cg==
X-Received: by 2002:a05:6870:1a90:b0:19f:3ea6:413c with SMTP id ef16-20020a0568701a9000b0019f3ea6413cmr11583737oab.0.1687441680937;
        Thu, 22 Jun 2023 06:48:00 -0700 (PDT)
Received: from ?IPV6:2804:1b3:a7c3:1ddb:340f:938a:5f1:4881? ([2804:1b3:a7c3:1ddb:340f:938a:5f1:4881])
        by smtp.gmail.com with ESMTPSA id pu16-20020a0568709e9000b001a9d889f653sm4113353oab.41.2023.06.22.06.47.59
        for <libc-alpha@sourceware.org>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Thu, 22 Jun 2023 06:48:00 -0700 (PDT)
Message-ID: <ccd8858c-985a-f7ce-6de9-310526a6803b@linaro.org>
Date: Thu, 22 Jun 2023 10:47:58 -0300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
 Gecko/20100101 Thunderbird/102.12.0
Subject: Re: [PATCH v6] ifaddrs: Get rid of alloca
Content-Language: en-US
To: libc-alpha@sourceware.org
References: <20230621200053.3021604-1-josimmon@redhat.com>
From: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Organization: Linaro
In-Reply-To: <20230621200053.3021604-1-josimmon@redhat.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-12.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <libc-alpha.sourceware.org>



On 21/06/23 17:00, Joe Simmons-Talbott via Libc-alpha wrote:
> Use scratch_buffer and malloc rather than alloca to avoid potential stack
> overflows.

LGTM, thanks.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>


> ---
> Changes to v5:
>   * Don't bypass the __libc_scratch_buffer_set_array_size check by
>     passing both the item size and count to scratch_buffer_set_array_size. 
> 
>  sysdeps/unix/sysv/linux/ifaddrs.c | 46 ++++++++++++++-----------------
>  1 file changed, 20 insertions(+), 26 deletions(-)
> 
> diff --git a/sysdeps/unix/sysv/linux/ifaddrs.c b/sysdeps/unix/sysv/linux/ifaddrs.c
> index 184ee224cb..0db9bb7847 100644
> --- a/sysdeps/unix/sysv/linux/ifaddrs.c
> +++ b/sysdeps/unix/sysv/linux/ifaddrs.c
> @@ -16,13 +16,13 @@
>     License along with the GNU C Library; if not, see
>     <https://www.gnu.org/licenses/>.  */
>  
> -#include <alloca.h>
>  #include <assert.h>
>  #include <errno.h>
>  #include <ifaddrs.h>
>  #include <net/if.h>
>  #include <netinet/in.h>
>  #include <netpacket/packet.h>
> +#include <scratch_buffer.h>
>  #include <stdbool.h>
>  #include <stdint.h>
>  #include <stdlib.h>
> @@ -131,26 +131,14 @@ __netlink_request (struct netlink_handle *h, int type)
>    ssize_t read_len;
>    bool done = false;
>  
> -#ifdef PAGE_SIZE
> -  /* Help the compiler optimize out the malloc call if PAGE_SIZE
> -     is constant and smaller or equal to PTHREAD_STACK_MIN/4.  */
> -  const size_t buf_size = PAGE_SIZE;
> -#else
> -  const size_t buf_size = __getpagesize ();
> -#endif
> -  bool use_malloc = false;
> -  char *buf;
> -
> -  if (__libc_use_alloca (buf_size))
> -    buf = alloca (buf_size);
> -  else
> -    {
> -      buf = malloc (buf_size);
> -      if (buf != NULL)
> -	use_malloc = true;
> -      else
> -	goto out_fail;
> -    }
> +  /* Netlink requires that user buffer needs to be either 8kb or page size
> +     (whichever is bigger), however this has been changed over time and now
> +     8Kb is sufficient (check NLMSG_DEFAULT_SIZE on Linux
> +     linux/include/linux/netlink.h).  */
> +  const size_t buf_size = 8192;
> +  char *buf = malloc (buf_size);
> +  if (buf == NULL)
> +    goto out_fail;
>  
>    struct iovec iov = { buf, buf_size };
>  
> @@ -229,13 +217,11 @@ __netlink_request (struct netlink_handle *h, int type)
>        h->end_ptr = nlm_next;
>      }
>  
> -  if (use_malloc)
> -    free (buf);
> +  free(buf);
>    return 0;
>  
>  out_fail:
> -  if (use_malloc)
> -    free (buf);
> +  free(buf);
>    return -1;
>  }
>  
> @@ -324,6 +310,8 @@ getifaddrs_internal (struct ifaddrs **ifap)
>    char *ifa_data_ptr;	/* Pointer to the unused part of memory for
>  				ifa_data.  */
>    int result = 0;
> +  struct scratch_buffer buf;
> +  scratch_buffer_init (&buf);
>  
>    *ifap = NULL;
>  
> @@ -425,7 +413,12 @@ getifaddrs_internal (struct ifaddrs **ifap)
>      }
>  
>    /* Table for mapping kernel index to entry in our list.  */
> -  map_newlink_data = alloca (newlink * sizeof (int));
> +  if (!scratch_buffer_set_array_size (&buf, newlink, sizeof (int)))
> +    {
> +      result = -1;
> +      goto exit_free;
> +    }
> +  map_newlink_data = buf.data;
>    memset (map_newlink_data, '\xff', newlink * sizeof (int));
>  
>    ifa_data_ptr = (char *) &ifas[newlink + newaddr];
> @@ -820,6 +813,7 @@ getifaddrs_internal (struct ifaddrs **ifap)
>   exit_free:
>    __netlink_free_handle (&nh);
>    __netlink_close (&nh);
> +  scratch_buffer_free (&buf);
>  
>    return result;
>  }