Annotation of src/usr.bin/sudo/alloc.c, Revision 1.11
1.1 millert 1: /*
1.11 ! millert 2: * Copyright (c) 1999-2005, 2007
! 3: * Todd C. Miller <Todd.Miller@courtesan.com>
1.1 millert 4: *
1.8 millert 5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
1.7 millert 16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
1.1 millert 20: */
21:
1.9 millert 22: #include <config.h>
1.1 millert 23:
1.3 millert 24: #include <sys/types.h>
25: #include <sys/param.h>
1.1 millert 26: #include <stdio.h>
27: #ifdef STDC_HEADERS
1.3 millert 28: # include <stdlib.h>
29: # include <stddef.h>
30: #else
31: # ifdef HAVE_STDLIB_H
32: # include <stdlib.h>
33: # endif
1.1 millert 34: #endif /* STDC_HEADERS */
35: #ifdef HAVE_STRING_H
1.3 millert 36: # include <string.h>
37: #else
38: # ifdef HAVE_STRINGS_H
39: # include <strings.h>
40: # endif
1.1 millert 41: #endif /* HAVE_STRING_H */
42: #if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
1.3 millert 43: # include <malloc.h>
1.1 millert 44: #endif /* HAVE_MALLOC_H && !STDC_HEADERS */
1.10 millert 45: #ifdef HAVE_INTTYPES_H
46: # include <inttypes.h>
47: #endif
1.1 millert 48:
49: #include "sudo.h"
50:
51: #ifndef lint
1.11 ! millert 52: __unused static const char rcsid[] = "$Sudo: alloc.c,v 1.33 2008/11/09 14:13:12 millert Exp $";
1.1 millert 53: #endif /* lint */
54:
1.5 millert 55: /*
56: * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
57: * could be signed (as it is on SunOS 4.x). This just means that
58: * emalloc2() and erealloc3() cannot allocate huge amounts on such a
59: * platform but that is OK since sudo doesn't need to do so anyway.
60: */
61: #ifndef SIZE_MAX
62: # ifdef SIZE_T_MAX
63: # define SIZE_MAX SIZE_T_MAX
64: # else
1.8 millert 65: # define SIZE_MAX INT_MAX
1.5 millert 66: # endif /* SIZE_T_MAX */
67: #endif /* SIZE_MAX */
68:
1.1 millert 69: /*
70: * emalloc() calls the system malloc(3) and exits with an error if
71: * malloc(3) fails.
72: */
1.11 ! millert 73: void *
1.1 millert 74: emalloc(size)
75: size_t size;
76: {
1.11 ! millert 77: void *ptr;
1.1 millert 78:
1.6 millert 79: if (size == 0)
1.11 ! millert 80: errorx(1, "internal error, tried to emalloc(0)");
1.6 millert 81:
1.11 ! millert 82: if ((ptr = malloc(size)) == NULL)
! 83: errorx(1, "unable to allocate memory");
1.5 millert 84: return(ptr);
85: }
86:
87: /*
88: * emalloc2() allocates nmemb * size bytes and exits with an error
89: * if overflow would occur or if the system malloc(3) fails.
90: */
1.11 ! millert 91: void *
1.5 millert 92: emalloc2(nmemb, size)
93: size_t nmemb;
94: size_t size;
95: {
1.11 ! millert 96: void *ptr;
1.5 millert 97:
1.6 millert 98: if (nmemb == 0 || size == 0)
1.11 ! millert 99: errorx(1, "internal error, tried to emalloc2(0)");
1.6 millert 100: if (nmemb > SIZE_MAX / size)
1.11 ! millert 101: errorx(1, "internal error, emalloc2() overflow");
1.6 millert 102:
1.5 millert 103: size *= nmemb;
1.11 ! millert 104: if ((ptr = malloc(size)) == NULL)
! 105: errorx(1, "unable to allocate memory");
1.1 millert 106: return(ptr);
107: }
108:
109: /*
110: * erealloc() calls the system realloc(3) and exits with an error if
111: * realloc(3) fails. You can call erealloc() with a NULL pointer even
112: * if the system realloc(3) does not support this.
113: */
1.11 ! millert 114: void *
1.1 millert 115: erealloc(ptr, size)
1.11 ! millert 116: void *ptr;
1.1 millert 117: size_t size;
118: {
119:
1.6 millert 120: if (size == 0)
1.11 ! millert 121: errorx(1, "internal error, tried to erealloc(0)");
1.6 millert 122:
1.11 ! millert 123: ptr = ptr ? realloc(ptr, size) : malloc(size);
1.6 millert 124: if (ptr == NULL)
1.11 ! millert 125: errorx(1, "unable to allocate memory");
1.5 millert 126: return(ptr);
127: }
128:
129: /*
130: * erealloc3() realloc(3)s nmemb * size bytes and exits with an error
131: * if overflow would occur or if the system malloc(3)/realloc(3) fails.
132: * You can call erealloc() with a NULL pointer even if the system realloc(3)
133: * does not support this.
134: */
1.11 ! millert 135: void *
1.5 millert 136: erealloc3(ptr, nmemb, size)
1.11 ! millert 137: void *ptr;
1.5 millert 138: size_t nmemb;
139: size_t size;
140: {
141:
1.6 millert 142: if (nmemb == 0 || size == 0)
1.11 ! millert 143: errorx(1, "internal error, tried to erealloc3(0)");
1.6 millert 144: if (nmemb > SIZE_MAX / size)
1.11 ! millert 145: errorx(1, "internal error, erealloc3() overflow");
1.6 millert 146:
1.5 millert 147: size *= nmemb;
1.11 ! millert 148: ptr = ptr ? realloc(ptr, size) : malloc(size);
1.6 millert 149: if (ptr == NULL)
1.11 ! millert 150: errorx(1, "unable to allocate memory");
1.1 millert 151: return(ptr);
152: }
153:
154: /*
155: * estrdup() is like strdup(3) except that it exits with an error if
156: * malloc(3) fails. NOTE: unlike strdup(3), estrdup(NULL) is legal.
157: */
158: char *
159: estrdup(src)
160: const char *src;
161: {
162: char *dst = NULL;
1.5 millert 163: size_t size;
1.1 millert 164:
165: if (src != NULL) {
1.5 millert 166: size = strlen(src) + 1;
167: dst = (char *) emalloc(size);
168: (void) memcpy(dst, src, size);
1.1 millert 169: }
170: return(dst);
171: }
172:
173: /*
174: * easprintf() calls vasprintf() and exits with an error if vasprintf()
175: * returns -1 (out of memory).
176: */
1.2 millert 177: int
1.1 millert 178: #ifdef __STDC__
179: easprintf(char **ret, const char *fmt, ...)
180: #else
1.9 millert 181: easprintf(ret, fmt, va_alist)
182: char **ret;
183: const char *fmt;
1.1 millert 184: va_dcl
185: #endif
186: {
187: int len;
188: va_list ap;
189: #ifdef __STDC__
190: va_start(ap, fmt);
191: #else
192: va_start(ap);
193: #endif
194: len = vasprintf(ret, fmt, ap);
195: va_end(ap);
196:
1.6 millert 197: if (len == -1)
1.11 ! millert 198: errorx(1, "unable to allocate memory");
1.2 millert 199: return(len);
1.1 millert 200: }
201:
202: /*
203: * evasprintf() calls vasprintf() and exits with an error if vasprintf()
204: * returns -1 (out of memory).
205: */
1.2 millert 206: int
1.1 millert 207: evasprintf(ret, format, args)
208: char **ret;
209: const char *format;
210: va_list args;
211: {
1.2 millert 212: int len;
1.1 millert 213:
1.6 millert 214: if ((len = vasprintf(ret, format, args)) == -1)
1.11 ! millert 215: errorx(1, "unable to allocate memory");
1.2 millert 216: return(len);
1.9 millert 217: }
218:
219: /*
220: * Wrapper for free(3) so we can depend on C89 semantics.
221: */
222: void
223: efree(ptr)
1.11 ! millert 224: void *ptr;
1.9 millert 225: {
226: if (ptr != NULL)
227: free(ptr);
1.1 millert 228: }