aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Pluzhnikov <ppluzhnikov@google.com>2015-08-12 18:56:08 -0700
committerPaul Pluzhnikov <ppluzhnikov@google.com>2015-08-12 18:56:08 -0700
commit8a29509dd9aa179bfe4ef96d49d72f6816ec878f (patch)
tree3adc134bbc346804b13acf375b1dfa287225ea44
parent84895dca70f972df3842fb88f7b33b5d695cc599 (diff)
downloadglibc-8a29509dd9aa179bfe4ef96d49d72f6816ec878f.zip
glibc-8a29509dd9aa179bfe4ef96d49d72f6816ec878f.tar.gz
glibc-8a29509dd9aa179bfe4ef96d49d72f6816ec878f.tar.bz2
Fix BZ #16734 -- fopen calls mmap to allocate its buffer
-rw-r--r--ChangeLog15
-rw-r--r--NEWS4
-rw-r--r--libio/filedoalloc.c4
-rw-r--r--libio/genops.c12
-rw-r--r--libio/libio.h3
-rw-r--r--libio/libioP.h40
-rw-r--r--libio/wfiledoalloc.c4
-rw-r--r--libio/wgenops.c9
8 files changed, 36 insertions, 55 deletions
diff --git a/ChangeLog b/ChangeLog
index 24e029e..5f94da6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,18 @@
+2015-08-12 Paul Pluzhnikov <ppluzhnikov@google.com>
+
+ [BZ #16734]
+ * libio/libioP.h (ROUND_TO_PAGE, ALLOC_BUF, ALLOC_WBUF): Delete.
+ (FREE_BUF): Delete.
+ * libio/libio.h (_IO_FILE_complete): Delete unused _freeres_size.
+ * libio/genops.c (_IO_setb): Use malloc and free directly.
+ (_IO_default_doallocate, _IO_default_finish): Likewise.
+ ( _IO_unbuffer_all): Likewise.
+ ( libc_freeres_fn): Likewise.
+ * libio/filedoalloc.c (_IO_file_doallocate): Likewise.
+ * libio/wfiledoalloc.c (_IO_wfile_doallocate): Likewise.
+ * libio/wgenops.c (_IO_wsetb, _IO_wdefault_finish): Likewise.
+ (_IO_wdefault_doallocate): Likewise.
+
2015-08-11 Paul Pluzhnikov <ppluzhnikov@google.com>
[BZ #18086]
diff --git a/NEWS b/NEWS
index c6a2c2c..97ab768 100644
--- a/NEWS
+++ b/NEWS
@@ -9,8 +9,8 @@ Version 2.23
* The following bugs are resolved with this release:
- 16517, 16519, 17905, 18086, 18265, 18480, 18525, 18618, 18647, 18661,
- 18674, 18778, 18781, 18787, 18789, 18790.
+ 16517, 16519, 16734, 17905, 18086, 18265, 18480, 18525, 18618, 18647,
+ 18661, 18674, 18778, 18781, 18787, 18789, 18790.
Version 2.22
diff --git a/libio/filedoalloc.c b/libio/filedoalloc.c
index 918a24a..78aa3d5 100644
--- a/libio/filedoalloc.c
+++ b/libio/filedoalloc.c
@@ -125,7 +125,9 @@ _IO_file_doallocate (fp)
size = st.st_blksize;
#endif
}
- ALLOC_BUF (p, size, EOF);
+ p = malloc (size);
+ if (__glibc_unlikely (p == NULL))
+ return EOF;
_IO_setb (fp, p, p + size, 1);
return 1;
}
diff --git a/libio/genops.c b/libio/genops.c
index e13b3d1..45c9d41 100644
--- a/libio/genops.c
+++ b/libio/genops.c
@@ -398,7 +398,7 @@ _IO_setb (f, b, eb, a)
int a;
{
if (f->_IO_buf_base && !(f->_flags & _IO_USER_BUF))
- FREE_BUF (f->_IO_buf_base, _IO_blen (f));
+ free (f->_IO_buf_base);
f->_IO_buf_base = b;
f->_IO_buf_end = eb;
if (a)
@@ -587,7 +587,10 @@ _IO_default_doallocate (fp)
{
char *buf;
- ALLOC_BUF (buf, _IO_BUFSIZ, EOF);
+ buf = malloc(_IO_BUFSIZ);
+ if (__glibc_unlikely (buf == NULL))
+ return EOF;
+
_IO_setb (fp, buf, buf+_IO_BUFSIZ, 1);
return 1;
}
@@ -687,7 +690,7 @@ _IO_default_finish (fp, dummy)
struct _IO_marker *mark;
if (fp->_IO_buf_base && !(fp->_flags & _IO_USER_BUF))
{
- FREE_BUF (fp->_IO_buf_base, _IO_blen (fp));
+ free (fp->_IO_buf_base);
fp->_IO_buf_base = fp->_IO_buf_end = NULL;
}
@@ -972,7 +975,6 @@ _IO_unbuffer_all (void)
fp->_freeres_list = freeres_list;
freeres_list = fp;
fp->_freeres_buf = fp->_IO_buf_base;
- fp->_freeres_size = _IO_blen (fp);
}
_IO_SETBUF (fp, NULL, 0);
@@ -999,7 +1001,7 @@ libc_freeres_fn (buffer_free)
while (freeres_list != NULL)
{
- FREE_BUF (freeres_list->_freeres_buf, freeres_list->_freeres_size);
+ free (freeres_list->_freeres_buf);
freeres_list = freeres_list->_freeres_list;
}
diff --git a/libio/libio.h b/libio/libio.h
index 9ff1fb0..08e0347 100644
--- a/libio/libio.h
+++ b/libio/libio.h
@@ -297,14 +297,13 @@ struct _IO_FILE_complete
struct _IO_wide_data *_wide_data;
struct _IO_FILE *_freeres_list;
void *_freeres_buf;
- size_t _freeres_size;
# else
void *__pad1;
void *__pad2;
void *__pad3;
void *__pad4;
- size_t __pad5;
# endif
+ size_t __pad5;
int _mode;
/* Make sure we don't get into trouble again. */
char _unused2[15 * sizeof (int) - 4 * sizeof (void *) - sizeof (size_t)];
diff --git a/libio/libioP.h b/libio/libioP.h
index 0f16e2d..36170ea 100644
--- a/libio/libioP.h
+++ b/libio/libioP.h
@@ -760,46 +760,6 @@ extern _IO_off64_t _IO_seekpos_unlocked (_IO_FILE *, _IO_off64_t, int)
# define munmap __munmap
# define ftruncate __ftruncate
# endif
-
-# define ROUND_TO_PAGE(_S) \
- (((_S) + EXEC_PAGESIZE - 1) & ~(EXEC_PAGESIZE - 1))
-
-# define FREE_BUF(_B, _S) \
- munmap ((_B), ROUND_TO_PAGE (_S))
-# define ALLOC_BUF(_B, _S, _R) \
- do { \
- (_B) = (char *) mmap (0, ROUND_TO_PAGE (_S), \
- PROT_READ | PROT_WRITE, \
- MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); \
- if ((_B) == (char *) MAP_FAILED) \
- return (_R); \
- } while (0)
-# define ALLOC_WBUF(_B, _S, _R) \
- do { \
- (_B) = (wchar_t *) mmap (0, ROUND_TO_PAGE (_S), \
- PROT_READ | PROT_WRITE, \
- MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); \
- if ((_B) == (wchar_t *) MAP_FAILED) \
- return (_R); \
- } while (0)
-
-#else /* _G_HAVE_MMAP */
-
-# define FREE_BUF(_B, _S) \
- free(_B)
-# define ALLOC_BUF(_B, _S, _R) \
- do { \
- (_B) = (char*)malloc(_S); \
- if ((_B) == NULL) \
- return (_R); \
- } while (0)
-# define ALLOC_WBUF(_B, _S, _R) \
- do { \
- (_B) = (wchar_t *)malloc(_S); \
- if ((_B) == NULL) \
- return (_R); \
- } while (0)
-
#endif /* _G_HAVE_MMAP */
#ifndef OS_FSTAT
diff --git a/libio/wfiledoalloc.c b/libio/wfiledoalloc.c
index 12425fd..4acf3f8 100644
--- a/libio/wfiledoalloc.c
+++ b/libio/wfiledoalloc.c
@@ -95,7 +95,9 @@ _IO_wfile_doallocate (fp)
size = fp->_IO_buf_end - fp->_IO_buf_base;
if ((fp->_flags & _IO_USER_BUF))
size = (size + sizeof (wchar_t) - 1) / sizeof (wchar_t);
- ALLOC_WBUF (p, size * sizeof (wchar_t), EOF);
+ p = malloc (size * sizeof (wchar_t));
+ if (__glibc_unlikely (p == NULL))
+ return EOF;
_IO_wsetb (fp, p, p + size, 1);
return 1;
}
diff --git a/libio/wgenops.c b/libio/wgenops.c
index 69f3b95..e7d2d1c 100644
--- a/libio/wgenops.c
+++ b/libio/wgenops.c
@@ -111,7 +111,7 @@ _IO_wsetb (f, b, eb, a)
int a;
{
if (f->_wide_data->_IO_buf_base && !(f->_flags2 & _IO_FLAGS2_USER_WBUF))
- FREE_BUF (f->_wide_data->_IO_buf_base, _IO_wblen (f) * sizeof (wchar_t));
+ free (f->_wide_data->_IO_buf_base);
f->_wide_data->_IO_buf_base = b;
f->_wide_data->_IO_buf_end = eb;
if (a)
@@ -195,8 +195,7 @@ _IO_wdefault_finish (fp, dummy)
struct _IO_marker *mark;
if (fp->_wide_data->_IO_buf_base && !(fp->_flags2 & _IO_FLAGS2_USER_WBUF))
{
- FREE_BUF (fp->_wide_data->_IO_buf_base,
- _IO_wblen (fp) * sizeof (wchar_t));
+ free (fp->_wide_data->_IO_buf_base);
fp->_wide_data->_IO_buf_base = fp->_wide_data->_IO_buf_end = NULL;
}
@@ -426,7 +425,9 @@ _IO_wdefault_doallocate (fp)
{
wchar_t *buf;
- ALLOC_WBUF (buf, _IO_BUFSIZ, EOF);
+ buf = malloc (_IO_BUFSIZ);
+ if (__glibc_unlikely (buf == NULL))
+ return EOF;
_IO_wsetb (fp, buf, buf + _IO_BUFSIZ, 1);
return 1;
}