From patchwork Fri Jan 17 10:28:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 1224741 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=libc-alpha-return-108756-incoming=patchwork.ozlabs.org@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha1 header.s=default header.b=SANonmnK; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=AJy1Rzk9; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47zck54B4yz9s29 for ; Fri, 17 Jan 2020 21:29:16 +1100 (AEDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:mime-version :content-type:content-transfer-encoding; q=dns; s=default; b=Cr0 FRYTiMznN6B6wYww505cXJQWmCL3cz14qYG0epqcGGPvhL+BQubF/KoUh1PKASQg IBEKX0V2dUiFFjIoxs5AT3TvGWJBdODXYfrxdPirtENmvOly6g379YotePhDnx1L JsIao8SK4Dio0Jqc7O+49oX4v+3Kt3EUon8uJhDY= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:mime-version :content-type:content-transfer-encoding; s=default; bh=9tB9yWOPt dJWNjNejCKqkiN2OP4=; b=SANonmnKbGiJg6UExMZo4UXnEvqvgFMLUn6L//of0 I9D9K0N9ECa0Ss4ZzJb94DPBWB6rrhvUUbh3ly6nm85fnKyKvLjS4oHKH/XWVWOJ 6Uz3MrV12R4+gCwHSbGEEg/1P6BlEOSodiUpDrn9hmAwzfqLdW/3MTpHtPd3BT9g ng= Received: (qmail 53725 invoked by alias); 17 Jan 2020 10:29:10 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 53685 invoked by uid 89); 17 Jan 2020 10:29:06 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-18.6 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_SHORT, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 spammy= X-HELO: us-smtp-delivery-1.mimecast.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1579256934; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8VEiCcr7/A3tUjKUlGQZQ7DBK0mLiMblRaZL87FCBL4=; b=AJy1Rzk9R1a32PcD59n3Q615t+AUsbjJXD3tVkwF7PprrwKN175DJ9eCmOczBWop/YAEgg lMGpFhi9aGs36Oo55jKYEre7pYmwDfyQd5VQJoIkeLQdId1gPUMt1UwIHOMNihElE+0zAC CDfH8QLS2SslsKwQDNBp4BTz1Vp/y1w= From: Florian Weimer To: libc-alpha@sourceware.org Subject: [PATCH] Remove incorrect alloc_size attribute from pvalloc [BZ #25401] Date: Fri, 17 Jan 2020 11:28:47 +0100 Message-ID: <87h80uqsv4.fsf@oldenburg2.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com pvalloc is guarantueed to round up the allocation size to the page size, so applications can assume that the memory region is larger than the passed-in argument. The alloc_size attribute cannot express that. The test case is based on a suggestion from Jakub Jelinek. This fixes commit 9bf8e29ca136094f73f69f725f15c51facc97206 ("malloc: make malloc fail with requests larger than PTRDIFF_MAX (BZ#23741)"). ----- malloc/Makefile | 2 +- malloc/malloc.h | 3 +-- malloc/tst-pvalloc-fortify.c | 48 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 50 insertions(+), 3 deletions(-) Reviewed-by: Adhemerval Zanella diff --git a/malloc/Makefile b/malloc/Makefile index 734efe368d..984045b5b9 100644 --- a/malloc/Makefile +++ b/malloc/Makefile @@ -27,7 +27,7 @@ headers := $(dist-headers) obstack.h mcheck.h tests := mallocbug tst-malloc tst-valloc tst-calloc tst-obstack \ tst-mcheck tst-mallocfork tst-trim1 \ tst-malloc-usable tst-realloc tst-reallocarray tst-posix_memalign \ - tst-pvalloc tst-memalign tst-mallopt \ + tst-pvalloc tst-pvalloc-fortify tst-memalign tst-mallopt \ tst-malloc-backtrace tst-malloc-thread-exit \ tst-malloc-thread-fail tst-malloc-fork-deadlock \ tst-mallocfork2 \ diff --git a/malloc/malloc.h b/malloc/malloc.h index 0c76264421..a6903fdd54 100644 --- a/malloc/malloc.h +++ b/malloc/malloc.h @@ -71,8 +71,7 @@ extern void *valloc (size_t __size) __THROW __attribute_malloc__ /* Equivalent to valloc(minimum-page-that-holds(n)), that is, round up __size to nearest pagesize. */ -extern void *pvalloc (size_t __size) __THROW __attribute_malloc__ - __attribute_alloc_size__ ((1)) __wur; +extern void *pvalloc (size_t __size) __THROW __attribute_malloc__ __wur; /* Underlying allocation function; successive calls should return contiguous pieces of memory. */ diff --git a/malloc/tst-pvalloc-fortify.c b/malloc/tst-pvalloc-fortify.c new file mode 100644 index 0000000000..391b7fa2f5 --- /dev/null +++ b/malloc/tst-pvalloc-fortify.c @@ -0,0 +1,48 @@ +/* Test fortify-source allocation size handling in pvalloc (bug 25401). + Copyright (C) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; see the file COPYING.LIB. If + not, see . */ + +#undef _FORTIFY_SOURCE +#define _FORTIFY_SOURCE 2 +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + /* The test below assumes that pvalloc rounds up the allocation size + to at least 8. */ + TEST_VERIFY (xsysconf (_SC_PAGESIZE) >= 8); + + void *p = pvalloc (5); + TEST_VERIFY_EXIT (p != NULL); + + /* This is valid assuming the page size is at least 8 because + pvalloc rounds up the allocation size to a multiple of the page + size. Due to bug 25041, this used to trigger a compiler + warning. */ + strcpy (p, "abcdefg"); + + asm ("" : : "g" (p) : "memory"); /* Optimization barrier. */ + TEST_VERIFY (malloc_usable_size (p) >= xsysconf (_SC_PAGESIZE)); + return 0; +} + +#include