From 7f39ce5f9b635444e06302fbe556709e84bf3b9a Mon Sep 17 00:00:00 2001
From: Leah Rowe
Date: Sat, 28 Mar 2026 04:19:25 +0000
Subject: libreboot-utils: extremely safe(ish) malloc usage
yes, a common thing in C programs is one or all of the following:
* use after frees
* double free (on non-NULL pointer)
* over-writing currently used pointer (mem leak)
i try to reduce the chance of this in my software, by running free() through a filter function, free_if_not_null, that returns if a function is being freed twice - because it sets NULL after freeing, but will only free if it's not null already.
this patch adds two functions: smalloc and vmalloc, for strings and voids.
using these makes the program abort if:
* non-null pointer given for initialisation
* pointer to pointer is null (of course)
* size of zero given, for malloc (zero bytes)
i myself was caught out by this change, prompting me to make the following fix in fs_dirname_basename() inside lib/file.c:
- char *buf;
+ char *buf = NULL;
Yes.
Signed-off-by: Leah Rowe
---
util/libreboot-utils/include/common.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'util/libreboot-utils/include')
diff --git a/util/libreboot-utils/include/common.h b/util/libreboot-utils/include/common.h
index 77672846..652b8c08 100644
--- a/util/libreboot-utils/include/common.h
+++ b/util/libreboot-utils/include/common.h
@@ -375,6 +375,8 @@ void write_mac_part(size_t partnum);
 int xunveilx(const char *path, const char *permissions);
 int xpledgex(const char *promises, const char *execpromises);
+char *smalloc(char **buf, size_t size);
+void *vmalloc(void **buf, size_t size);
 int slen(const char *scmp, size_t maxlen, size_t *rval);
 int scmp(const char *a, const char *b,
@@ -393,7 +395,6 @@ int dcat(const char *s, size_t n,
 unsigned short hextonum(char ch_s);
 void *mkrbuf(size_t n);
-void *rmalloc(size_t *size); /* don't ever use this */
 void rset(void *buf, size_t n);
 void *mkrbuf(size_t n);
 char *mkrstr(size_t n);
--
cgit v1.2.1
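Review bot: The two new prototypes `char *smalloc(char **buf, size_t size);` and `void *vmalloc(void **buf, size_t size);` in the first hunk carry no comment describing the contract the commit message defines (abort on a non-NULL `*buf`, a NULL `buf`, or a zero `size`), so a reader of common.h cannot tell that the pointer must be initialised to NULL before the call, which is exactly the trap the commit message says the author fell into in fs_dirname_basename(). The header already annotates prototypes when it matters (the removed `/* don't ever use this */`), so I would add above smalloc: `/* Allocate size bytes into *buf and return it; aborts if buf is NULL, *buf is already non-NULL, or size is 0, so callers must set the pointer to NULL first. */`. It would also help to state whether the memory is zeroed and whether the returned pointer is the same one stored in *buf, since neither is visible from the declaration and I cannot tell from this hunk. The two variants presumably exist because `char **` does not convert implicitly to `void **`; callers holding any other pointer type will have to cast to `(void **)`, which is worth a line in the comment as well. The scmp prototype on the hunk's last line continues past the end of the hunk.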