From 7f39ce5f9b635444e06302fbe556709e84bf3b9a Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Sat, 28 Mar 2026 04:19:25 +0000 Subject: libreboot-utils: extremely safe(ish) malloc usage yes, a common thing in C programs is one or all of the following: * use after frees * double free (on non-NULL pointer) * over-writing currently used pointer (mem leak) i try to reduce the chance of this in my software, by running free() through a filter function, free_if_not_null, that returns if a function is being freed twice - because it sets NULL after freeing, but will only free if it's not null already. this patch adds two functions: smalloc and vmalloc, for strings and voids. using these makes the program abort if: * non-null pointer given for initialisation * pointer to pointer is null (of course) * size of zero given, for malloc (zero bytes) i myself was caught out by this change, prompting me to make the following fix in fs_dirname_basename() inside lib/file.c: - char *buf; + char *buf = NULL; Yes. Signed-off-by: Leah Rowe --- util/libreboot-utils/lib/rand.c | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) (limited to 'util/libreboot-utils/lib/rand.c') diff --git a/util/libreboot-utils/lib/rand.c b/util/libreboot-utils/lib/rand.c index 10831e44..863ace17 100644 --- a/util/libreboot-utils/lib/rand.c +++ b/util/libreboot-utils/lib/rand.c @@ -72,13 +72,6 @@ * or your program dies. */ -void * -rmalloc(size_t *rval) -{ - return if_err(rval == NULL, EFAULT) ? - NULL : mkrstr(*rval = rsize(BUFSIZ)); -} - size_t rsize(size_t n) { @@ -120,17 +113,7 @@ void * mkrbuf(size_t n) { void *buf = NULL; - - if (n == 0) - err_no_cleanup(0, EPERM, "mkrbuf: zero-byte request"); - - if (n >= SIZE_MAX - 1) - err_no_cleanup(0, EOVERFLOW, "integer overflow in mkrbuf"); - - if ((buf = malloc(n)) == NULL) - err_no_cleanup(0, ENOMEM, "mkrbuf: malloc"); - - rset(buf, n); + rset(vmalloc(&buf, n), n); return buf; /* basically malloc() but with rand */ } -- cgit v1.2.1
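Review bot: `rset(vmalloc(&buf, n), n)` feeds vmalloc's return value straight into rset, so mkrbuf now depends on vmalloc never returning NULL; the commit message lists only the non-NULL-pointer, NULL-pointer-to-pointer and zero-size aborts and says nothing about a failed malloc (the removed branch aborted with ENOMEM), so if vmalloc can return NULL on allocation failure this call writes through a null pointer. The removed `n >= SIZE_MAX - 1` guard is likewise not among the listed vmalloc checks; if vmalloc does not bound n, keep it in front of the call: `if (n >= SIZE_MAX - 1) err_no_cleanup(0, EOVERFLOW, "integer overflow in mkrbuf");`. A short comment above the call stating the contract relied on, e.g. `/* vmalloc() aborts rather than returning NULL and returns the pointer it stores in buf */`, would make the idiom explicit, and the trailing `/* basically malloc() but with rand */` should also say that mkrbuf aborts on a zero-byte request instead of returning NULL.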