diff options
| author | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2024-11-07 11:16:04 -0500 |
|---|---|---|
| committer | Siddhesh Poyarekar <siddhesh@sourceware.org> | 2024-12-17 17:42:55 -0500 |
| commit | ae5062201d7e9d18fe88bff4bc71088374c394fb (patch) | |
| tree | 4f5917292a83f1e2f479802987f7e7dc966a5672 /libio | |
| parent | cfdd9e7aa45cdc575df237e2d2eee3219a06829b (diff) | |
| download | glibc-ae5062201d7e9d18fe88bff4bc71088374c394fb.zip glibc-ae5062201d7e9d18fe88bff4bc71088374c394fb.tar.gz glibc-ae5062201d7e9d18fe88bff4bc71088374c394fb.tar.bz2 | |
ungetc: Guarantee single char pushback
The C standard requires that ungetc guarantees at least one pushback,
but the malloc call to allocate the pushback buffer could fail, thus
violating that requirement. Fix this by adding a single byte pushback
buffer in the FILE struct that the pushback can fall back to if malloc
fails.
The side-effect is that if the initial malloc fails and the 1-byte
fallback buffer is used, future resizing (if it succeeds) will be
2-bytes, 4-bytes and so on, which is suboptimal but it's after a malloc
failure, so maybe even desirable.
A future optimization here could be to have the pushback code use the
single byte buffer first and only fall back to malloc for subsequent
calls.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Maciej W. Rozycki <macro@redhat.com>
Diffstat (limited to 'libio')
| -rw-r--r-- | libio/bits/types/struct_FILE.h | 5 | ||||
| -rw-r--r-- | libio/fileops.c | 7 | ||||
| -rw-r--r-- | libio/genops.c | 16 | ||||
| -rw-r--r-- | libio/libioP.h | 30 | ||||
| -rw-r--r-- | libio/oldfileops.c | 5 | ||||
| -rw-r--r-- | libio/wfileops.c | 3 |
6 files changed, 43 insertions, 23 deletions
diff --git a/libio/bits/types/struct_FILE.h b/libio/bits/types/struct_FILE.h index d8d2663..87197a3 100644 --- a/libio/bits/types/struct_FILE.h +++ b/libio/bits/types/struct_FILE.h @@ -1,4 +1,5 @@ /* Copyright (C) 1991-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -70,7 +71,9 @@ struct _IO_FILE struct _IO_FILE *_chain; int _fileno; - int _flags2; + int _flags2:24; + /* Fallback buffer to use when malloc fails to allocate one. */ + char _short_backupbuf[1]; __off_t _old_offset; /* This used to be _offset but it's too small. */ /* 1+column number of pbase(); 0 is unknown. */ diff --git a/libio/fileops.c b/libio/fileops.c index 759d737..d49e489 100644 --- a/libio/fileops.c +++ b/libio/fileops.c @@ -1,4 +1,5 @@ /* Copyright (C) 1993-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -480,7 +481,7 @@ _IO_new_file_underflow (FILE *fp) /* Maybe we already have a push back pointer. */ if (fp->_IO_save_base != NULL) { - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); @@ -932,7 +933,7 @@ _IO_new_file_seekoff (FILE *fp, off64_t offset, int dir, int mode) /* It could be that we already have a pushback buffer. */ if (fp->_IO_read_base != NULL) { - free (fp->_IO_read_base); + _IO_free_backup_buf (fp, fp->_IO_read_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); @@ -1282,7 +1283,7 @@ _IO_file_xsgetn (FILE *fp, void *data, size_t n) /* Maybe we already have a push back pointer. */ if (fp->_IO_save_base != NULL) { - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); diff --git a/libio/genops.c b/libio/genops.c index d7e35e6..02e159d 100644 --- a/libio/genops.c +++ b/libio/genops.c @@ -1,4 +1,5 @@ /* Copyright (C) 1993-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -212,7 +213,7 @@ _IO_free_backup_area (FILE *fp) { if (_IO_in_backup (fp)) _IO_switch_to_main_get_area (fp); /* Just in case. */ - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_IO_save_base = NULL; fp->_IO_save_end = NULL; fp->_IO_backup_base = NULL; @@ -260,7 +261,7 @@ save_for_backup (FILE *fp, char *end_p) memcpy (new_buffer + avail, fp->_IO_read_base + least_mark, needed_size); - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_IO_save_base = new_buffer; fp->_IO_save_end = new_buffer + avail + needed_size; } @@ -636,7 +637,7 @@ _IO_default_finish (FILE *fp, int dummy) if (fp->_IO_save_base) { - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_IO_save_base = NULL; } @@ -998,11 +999,14 @@ _IO_default_pbackfail (FILE *fp, int c) else if (!_IO_have_backup (fp)) { /* No backup buffer: allocate one. */ - /* Use nshort buffer, if unused? (probably not) FIXME */ int backup_size = 128; char *bbuf = (char *) malloc (backup_size); if (bbuf == NULL) - return EOF; + { + /* Guarantee a 1-char pushback. */ + bbuf = fp->_short_backupbuf; + backup_size = 1; + } fp->_IO_save_base = bbuf; fp->_IO_save_end = fp->_IO_save_base + backup_size; fp->_IO_backup_base = fp->_IO_save_end; @@ -1022,7 +1026,7 @@ _IO_default_pbackfail (FILE *fp, int c) return EOF; memcpy (new_buf + (new_size - old_size), fp->_IO_read_base, old_size); - free (fp->_IO_read_base); + _IO_free_backup_buf (fp, fp->_IO_read_base); _IO_setg (fp, new_buf, new_buf + (new_size - old_size), new_buf + new_size); fp->_IO_backup_base = fp->_IO_read_ptr; diff --git a/libio/libioP.h b/libio/libioP.h index ad45579..714abbd 100644 --- a/libio/libioP.h +++ b/libio/libioP.h @@ -1,4 +1,5 @@ /* Copyright (C) 1993-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -911,30 +912,30 @@ extern int _IO_vscanf (const char *, va_list) __THROW; # define FILEBUF_LITERAL(CHAIN, FLAGS, FD, WDP) \ { _IO_MAGIC+_IO_LINKED+_IO_IS_FILEBUF+FLAGS, \ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, \ - NULL, NULL, (FILE *) CHAIN, FD, \ - 0, _IO_pos_BAD, 0, 0, { 0 }, &_IO_stdfile_##FD##_lock } + NULL, NULL, (FILE *) CHAIN, FD, 0, { 0 }, \ + _IO_pos_BAD, 0, 0, { 0 }, &_IO_stdfile_##FD##_lock } # else # define FILEBUF_LITERAL(CHAIN, FLAGS, FD, WDP) \ { _IO_MAGIC+_IO_LINKED+_IO_IS_FILEBUF+FLAGS, \ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, \ - NULL, NULL, (FILE *) CHAIN, FD, \ - 0, _IO_pos_BAD, 0, 0, { 0 }, &_IO_stdfile_##FD##_lock, _IO_pos_BAD,\ - NULL, WDP, NULL } + NULL, NULL, (FILE *) CHAIN, FD, 0, { 0 }, \ + _IO_pos_BAD, 0, 0, { 0 }, &_IO_stdfile_##FD##_lock, \ + _IO_pos_BAD, NULL, WDP, NULL } # endif #else # ifdef _IO_USE_OLD_IO_FILE # define FILEBUF_LITERAL(CHAIN, FLAGS, FD, WDP) \ { _IO_MAGIC+_IO_LINKED+_IO_IS_FILEBUF+FLAGS, \ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, \ - NULL, NULL, (FILE *) CHAIN, FD, \ - 0, _IO_pos_BAD } + NULL, NULL, (FILE *) CHAIN, FD, 0, { 0 }, \ + _IO_pos_BAD } # else # define FILEBUF_LITERAL(CHAIN, FLAGS, FD, WDP) \ { _IO_MAGIC+_IO_LINKED+_IO_IS_FILEBUF+FLAGS, \ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, \ - NULL, NULL, (FILE *) CHAIN, FD, \ - 0, _IO_pos_BAD, 0, 0, { 0 }, NULL, _IO_pos_BAD, \ - NULL, WDP, NULL } + NULL, NULL, (FILE *) CHAIN, FD, 0, { 0 }, \ + _IO_pos_BAD, 0, 0, { 0 }, NULL, \ + _IO_pos_BAD, NULL, WDP, NULL } # endif #endif @@ -1040,6 +1041,15 @@ IO_validate_vtable (const struct _IO_jump_t *vtable) return vtable; } +/* In case of an allocation failure, we resort to using the fixed buffer + _SHORT_BACKUPBUF. Free PTR unless it points to that buffer. */ +static __always_inline void +_IO_free_backup_buf (FILE *fp, char *ptr) +{ + if (ptr != fp->_short_backupbuf) + free (ptr); +} + /* Character set conversion. */ enum __codecvt_result diff --git a/libio/oldfileops.c b/libio/oldfileops.c index 8f775c9..03f4d76 100644 --- a/libio/oldfileops.c +++ b/libio/oldfileops.c @@ -1,4 +1,5 @@ /* Copyright (C) 1993-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -311,7 +312,7 @@ _IO_old_file_underflow (FILE *fp) /* Maybe we already have a push back pointer. */ if (fp->_IO_save_base != NULL) { - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); @@ -464,7 +465,7 @@ _IO_old_file_seekoff (FILE *fp, off64_t offset, int dir, int mode) /* It could be that we already have a pushback buffer. */ if (fp->_IO_read_base != NULL) { - free (fp->_IO_read_base); + _IO_free_backup_buf (fp, fp->_IO_read_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); diff --git a/libio/wfileops.c b/libio/wfileops.c index 16beab1..a96bfa5 100644 --- a/libio/wfileops.c +++ b/libio/wfileops.c @@ -1,4 +1,5 @@ /* Copyright (C) 1993-2024 Free Software Foundation, Inc. + Copyright The GNU Toolchain Authors. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -175,7 +176,7 @@ _IO_wfile_underflow (FILE *fp) /* Maybe we already have a push back pointer. */ if (fp->_IO_save_base != NULL) { - free (fp->_IO_save_base); + _IO_free_backup_buf (fp, fp->_IO_save_base); fp->_flags &= ~_IO_IN_BACKUP; } _IO_doallocbuf (fp); |