Paul Eggert wrote: > OK, I installed this patch. > > 2007-12-29 Paul Eggert <[EMAIL PROTECTED]> > > * lib/memmem.c (knuth_morris_pratt): Check for size_t overflow > when multiplying M by sizeof (size_t).
Thanks. Let me generalize it, as follows. 2007-12-30 Bruno Haible <[EMAIL PROTECTED]> * lib/malloca.h (nmalloca): New macro. * lib/c-strcasestr.c (knuth_morris_pratt): Use it. * lib/c-strstr.c (knuth_morris_pratt): Likewise. * lib/mbscasestr.c (knuth_morris_pratt_unibyte, knuth_morris_pratt_multibyte): Likewise. * lib/mbsstr.c (knuth_morris_pratt_unibyte, knuth_morris_pratt_multibyte): Likewise. * lib/memmem.c (knuth_morris_pratt): Likewise. * lib/strcasestr.c (knuth_morris_pratt): Likewise. *** lib/malloca.h.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/malloca.h 2007-12-30 16:21:32.000000000 +0100 *************** *** 70,78 **** # define freea free #endif ! /* Maybe we should also define a variant ! nmalloca (size_t n, size_t s) - behaves like malloca (n * s) ! If this would be useful in your application. please speak up. */ #ifdef __cplusplus --- 70,88 ---- # define freea free #endif ! /* nmalloca(N,S) is an overflow-safe variant of malloca (N * S). ! It allocates an array of N objects, each with S bytes of memory, ! on the stack. S must be positive and N must be nonnegative. ! The array must be freed using freea() before the function returns. */ ! #if 1 ! /* Cf. the definition of xalloc_oversized. */ ! # define nmalloca(n, s) \ ! ((n) > (size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) \ ! ? NULL \ ! : malloca ((n) * (s))) ! #else ! extern void * nmalloca (size_t n, size_t s); ! #endif #ifdef __cplusplus *** lib/c-strcasestr.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/c-strcasestr.c 2007-12-30 16:37:08.000000000 +0100 *************** *** 37,43 **** size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 37,43 ---- size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table. 
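Review bot: The new `nmalloca(n, s)` macro in lib/malloca.h expands `n` and `s` twice each, once in the overflow comparison and once in `malloca ((n) * (s))`, so an argument with side effects would be checked with one value and multiplied with another; the comment above the macro does not say so. The comment also omits the result every caller in this patch relies on, which is NULL when N * S does not fit in size_t. I would extend it with `Returns NULL if N * S would overflow size_t. N and S are evaluated more than once, so they must be free of side effects.` Because the macro divides by `(s)`, the existing "S must be positive" wording is a hard precondition (S == 0 is a division by zero) and is worth stating as such.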
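Review bot: In lib/c-strcasestr.c the comment `/* Allocate the table. */` no longer shows where the size_t overflow of `m * sizeof (size_t)` is handled, because the guard now lives inside `nmalloca` and surfaces only through the `table == NULL` test. The same applies to the matching hunks in lib/c-strstr.c, lib/mbscasestr.c, lib/mbsstr.c and lib/strcasestr.c, and most of all to lib/memmem.c, where the explicit `(size_t) -1 / sizeof (size_t) < m` check is removed. I would reword the comment along the lines of `/* Allocate the table; nmalloca yields NULL if the size computation overflows. */`. knuth_morris_pratt starts and ends outside these hunks, so what callers do with the `false` return is not visible here and should be confirmed to be a safe fallback.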
*** lib/c-strstr.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/c-strstr.c 2007-12-30 16:37:22.000000000 +0100 *************** *** 36,42 **** size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 36,42 ---- size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table. *** lib/mbscasestr.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/mbscasestr.c 2007-12-30 16:37:58.000000000 +0100 *************** *** 42,48 **** size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 42,48 ---- size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table. *************** *** 164,170 **** size_t *table; /* Allocate room for needle_mbchars and the table. */ ! char *memory = (char *) malloca (m * (sizeof (mbchar_t) + sizeof (size_t))); if (memory == NULL) return false; needle_mbchars = (mbchar_t *) memory; --- 164,170 ---- size_t *table; /* Allocate room for needle_mbchars and the table. */ ! char *memory = (char *) nmalloca (m, sizeof (mbchar_t) + sizeof (size_t)); if (memory == NULL) return false; needle_mbchars = (mbchar_t *) memory; *** lib/mbsstr.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/mbsstr.c 2007-12-30 16:39:36.000000000 +0100 *************** *** 39,45 **** size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 39,45 ---- size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table. 
*************** *** 160,166 **** size_t *table; /* Allocate room for needle_mbchars and the table. */ ! char *memory = (char *) malloca (m * (sizeof (mbchar_t) + sizeof (size_t))); if (memory == NULL) return false; needle_mbchars = (mbchar_t *) memory; --- 160,166 ---- size_t *table; /* Allocate room for needle_mbchars and the table. */ ! char *memory = (char *) nmalloca (m, sizeof (mbchar_t) + sizeof (size_t)); if (memory == NULL) return false; needle_mbchars = (mbchar_t *) memory; *** lib/memmem.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/memmem.c 2007-12-30 16:38:54.000000000 +0100 *************** *** 39,48 **** const char **resultp) { /* Allocate the table. */ ! size_t *table; ! if ((size_t) -1 / sizeof (size_t) < m) ! return false; ! table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 39,45 ---- const char **resultp) { /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table. *** lib/strcasestr.c.orig 2007-12-30 16:44:24.000000000 +0100 --- lib/strcasestr.c 2007-12-30 16:39:12.000000000 +0100 *************** *** 39,45 **** size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) malloca (m * sizeof (size_t)); if (table == NULL) return false; /* Fill the table. --- 39,45 ---- size_t m = strlen (needle); /* Allocate the table. */ ! size_t *table = (size_t *) nmalloca (m, sizeof (size_t)); if (table == NULL) return false; /* Fill the table.