From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <newlib-cvs-return-4132-listarch-newlib-cvs=sources.redhat.com@sourceware.org>
Received: (qmail 105299 invoked by alias); 4 Oct 2019 22:03:35 -0000
Mailing-List: contact newlib-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <newlib-cvs.sourceware.org>
List-Subscribe: <mailto:newlib-cvs-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/newlib-cvs/>
List-Post: <mailto:newlib-cvs@sourceware.org>
List-Help: <mailto:newlib-cvs-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: newlib-cvs-owner@sourceware.org
Received: (qmail 105247 invoked by uid 447); 4 Oct 2019 22:03:35 -0000
Date: Fri, 04 Oct 2019 22:03:00 -0000
Message-ID: <20191004220335.105245.qmail@sourceware.org>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Jeff Johnston <jjohnstn@sourceware.org>
To: newlib-cvs@sourceware.org
Subject: [newlib-cygwin] Prevent NULL ptr accesses due to Balloc out of memory
X-Act-Checkin: newlib-cygwin
X-Git-Author: Jeff Johnston <jjohnstn@redhat.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: df5c79f30c3f871b7e0edd6d4629af78b30fca15
X-Git-Newrev: f88aece242178ff0c187d56e34a79645fbc44a23
X-SW-Source: 2019-q4/txt/msg00000.txt.bz2

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=f88aece242178ff0c187d56e34a79645fbc44a23

commit f88aece242178ff0c187d56e34a79645fbc44a23
Author: Jeff Johnston <jjohnstn@redhat.com>
Date:   Fri Oct 4 17:01:03 2019 -0400

    Prevent NULL ptr accesses due to Balloc out of memory
    
    - add new eBalloc macro to mprec.h which calls Balloc and
      aborts if Balloc fails due to out of memory
    - change mprec.c functions that use Balloc without checking to use eBalloc instead
    - fix dtoa.c to use eBalloc

Diff:
---
 newlib/libc/stdlib/dtoa.c  |  4 ++--
 newlib/libc/stdlib/mprec.c | 20 ++++++++++----------
 newlib/libc/stdlib/mprec.h |  8 ++++++++
 3 files changed, 20 insertions(+), 12 deletions(-)

diff --git a/newlib/libc/stdlib/dtoa.c b/newlib/libc/stdlib/dtoa.c
index c38f37a..e47a8bc 100644
--- a/newlib/libc/stdlib/dtoa.c
+++ b/newlib/libc/stdlib/dtoa.c
@@ -423,7 +423,7 @@ _dtoa_r (struct _reent *ptr,
   for (_REENT_MP_RESULT_K(ptr) = 0; sizeof (_Bigint) - sizeof (__ULong) + j <= i;
        j <<= 1)
     _REENT_MP_RESULT_K(ptr)++;
-  _REENT_MP_RESULT(ptr) = Balloc (ptr, _REENT_MP_RESULT_K(ptr));
+  _REENT_MP_RESULT(ptr) = eBalloc (ptr, _REENT_MP_RESULT_K(ptr));
   s = s0 = (char *) _REENT_MP_RESULT(ptr);
 
   if (ilim >= 0 && ilim <= Quick_max && try_quick)
@@ -743,7 +743,7 @@ _dtoa_r (struct _reent *ptr,
       mlo = mhi;
       if (spec_case)
 	{
-	  mhi = Balloc (ptr, mhi->_k);
+	  mhi = eBalloc (ptr, mhi->_k);
 	  Bcopy (mhi, mlo);
 	  mhi = lshift (ptr, mhi, Log2P);
 	}
diff --git a/newlib/libc/stdlib/mprec.c b/newlib/libc/stdlib/mprec.c
index e433fa8..930c984 100644
--- a/newlib/libc/stdlib/mprec.c
+++ b/newlib/libc/stdlib/mprec.c
@@ -178,7 +178,7 @@ multadd (struct _reent *ptr,
     {
       if (wds >= b->_maxwds)
 	{
-	  b1 = Balloc (ptr, b->_k + 1);
+	  b1 = eBalloc (ptr, b->_k + 1);
 	  Bcopy (b1, b);
 	  Bfree (ptr, b);
 	  b = b1;
@@ -203,11 +203,11 @@ s2b (struct _reent * ptr,
   x = (nd + 8) / 9;
   for (k = 0, y = 1; x > y; y <<= 1, k++);
 #ifdef Pack_32
-  b = Balloc (ptr, k);
+  b = eBalloc (ptr, k);
   b->_x[0] = y9;
   b->_wds = 1;
 #else
-  b = Balloc (ptr, k + 1);
+  b = eBalloc (ptr, k + 1);
   b->_x[0] = y9 & 0xffff;
   b->_wds = (b->_x[1] = y9 >> 16) ? 2 : 1;
 #endif
@@ -317,7 +317,7 @@ i2b (struct _reent * ptr, int i)
 {
   _Bigint *b;
 
-  b = Balloc (ptr, 1);
+  b = eBalloc (ptr, 1);
   b->_x[0] = i;
   b->_wds = 1;
   return b;
@@ -346,7 +346,7 @@ mult (struct _reent * ptr, _Bigint * a, _Bigint * b)
   wc = wa + wb;
   if (wc > a->_maxwds)
     k++;
-  c = Balloc (ptr, k);
+  c = eBalloc (ptr, k);
   for (x = c->_x, xa = x + wc; x < xa; x++)
     *x = 0;
   xa = a->_x;
@@ -470,7 +470,7 @@ lshift (struct _reent * ptr, _Bigint * b, int k)
   n1 = n + b->_wds + 1;
   for (i = b->_maxwds; n1 > i; i <<= 1)
     k1++;
-  b1 = Balloc (ptr, k1);
+  b1 = eBalloc (ptr, k1);
   x1 = b1->_x;
   for (i = 0; i < n; i++)
     *x1++ = 0;
@@ -559,7 +559,7 @@ diff (struct _reent * ptr,
   i = cmp (a, b);
   if (!i)
     {
-      c = Balloc (ptr, 0);
+      c = eBalloc (ptr, 0);
       c->_wds = 1;
       c->_x[0] = 0;
       return c;
@@ -573,7 +573,7 @@ diff (struct _reent * ptr,
     }
   else
     i = 0;
-  c = Balloc (ptr, a->_k);
+  c = eBalloc (ptr, a->_k);
   c->_sign = i;
   wa = a->_wds;
   xa = a->_x;
@@ -775,9 +775,9 @@ d2b (struct _reent * ptr,
 #endif
 
 #ifdef Pack_32
-  b = Balloc (ptr, 1);
+  b = eBalloc (ptr, 1);
 #else
-  b = Balloc (ptr, 2);
+  b = eBalloc (ptr, 2);
 #endif
   x = b->_x;
 
diff --git a/newlib/libc/stdlib/mprec.h b/newlib/libc/stdlib/mprec.h
index 7e9a88b..a1492aa 100644
--- a/newlib/libc/stdlib/mprec.h
+++ b/newlib/libc/stdlib/mprec.h
@@ -30,6 +30,7 @@
 #include <math.h>
 #include <float.h>
 #include <errno.h>
+#include <assert.h>
 #include <sys/config.h>
 #include <sys/types.h>
 #include "../locale/setlocale.h"
@@ -340,6 +341,13 @@ typedef struct _Bigint _Bigint;
 #define copybits 	__copybits
 #define hexnan	__hexnan
 
+#define eBalloc(__reent_ptr, __len) ({ \
+   void *__ptr = Balloc(__reent_ptr, __len); \
+   if (__ptr == NULL) \
+     __assert_func(__FILE__, __LINE__, (char *)0, "Balloc succeeded"); \
+   __ptr; \
+   })
+   
 #if !defined(PREFER_SIZE_OVER_SPEED) && !defined(__OPTIMIZE_SIZE__) && !defined(_SMALL_HEXDIG)
 #define __get_hexdig(x) __hexdig[x] /* NOTE: must evaluate arg only once */
 #else /* !defined(PREFER_SIZE_OVER_SPEED) && !defined(__OPTIMIZE_SIZE__) && !defined(_SMALL_HEXDIG) */