|
|
@ -30,9 +30,9 @@ |
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|
|
.\" SUCH DAMAGE. |
|
|
.\" SUCH DAMAGE. |
|
|
.\" |
|
|
.\" |
|
|
.\" $OpenBSD: malloc.3,v 1.106 2017/03/24 16:17:50 otto Exp $ |
|
|
|
|
|
|
|
|
.\" $OpenBSD: malloc.3,v 1.107 2017/03/26 09:21:33 otto Exp $ |
|
|
.\" |
|
|
.\" |
|
|
.Dd $Mdocdate: March 24 2017 $ |
|
|
|
|
|
|
|
|
.Dd $Mdocdate: March 26 2017 $ |
|
|
.Dt MALLOC 3 |
|
|
.Dt MALLOC 3 |
|
|
.Os |
|
|
.Os |
|
|
.Sh NAME |
|
|
.Sh NAME |
|
|
@ -164,20 +164,11 @@ pointer, no action occurs. |
|
|
If |
|
|
If |
|
|
.Fa ptr |
|
|
.Fa ptr |
|
|
was previously freed by |
|
|
was previously freed by |
|
|
.Fn free , |
|
|
|
|
|
.Fn realloc , |
|
|
|
|
|
.Fn reallocarray |
|
|
|
|
|
or |
|
|
|
|
|
.Fn recallocarray , |
|
|
|
|
|
|
|
|
.Fn free |
|
|
|
|
|
or an allocation function, |
|
|
the behavior is undefined and the double free is a security concern. |
|
|
the behavior is undefined and the double free is a security concern. |
|
|
.Sh RETURN VALUES |
|
|
.Sh RETURN VALUES |
|
|
Upon successful completion, the functions |
|
|
|
|
|
.Fn malloc , |
|
|
|
|
|
.Fn calloc , |
|
|
|
|
|
.Fn realloc , |
|
|
|
|
|
.Fn reallocarray |
|
|
|
|
|
and |
|
|
|
|
|
.Fn recallocarray |
|
|
|
|
|
|
|
|
Upon successful completion, the allocation functions |
|
|
return a pointer to the allocated space; otherwise, a |
|
|
return a pointer to the allocated space; otherwise, a |
|
|
.Dv NULL |
|
|
.Dv NULL |
|
|
pointer is returned and |
|
|
pointer is returned and |
|
|
@ -380,9 +371,10 @@ if ((p = malloc(size * num)) == NULL) |
|
|
Assuming the implementation checks for integer overflow as |
|
|
Assuming the implementation checks for integer overflow as |
|
|
.Ox |
|
|
.Ox |
|
|
does, it is much easier to use |
|
|
does, it is much easier to use |
|
|
.Fn calloc |
|
|
|
|
|
|
|
|
.Fn calloc , |
|
|
|
|
|
.Fn reallocarray , |
|
|
or |
|
|
or |
|
|
.Fn reallocarray . |
|
|
|
|
|
|
|
|
.Fn recallocarray . |
|
|
.Pp |
|
|
.Pp |
|
|
The above examples could be simplified to: |
|
|
The above examples could be simplified to: |
|
|
.Bd -literal -offset indent |
|
|
.Bd -literal -offset indent |
|
|
@ -396,14 +388,7 @@ if ((p = calloc(num, size)) == NULL) |
|
|
err(1, NULL); |
|
|
err(1, NULL); |
|
|
.Ed |
|
|
.Ed |
|
|
.Sh DIAGNOSTICS |
|
|
.Sh DIAGNOSTICS |
|
|
If |
|
|
|
|
|
.Fn malloc , |
|
|
|
|
|
.Fn calloc , |
|
|
|
|
|
.Fn realloc , |
|
|
|
|
|
.Fn reallocarray , |
|
|
|
|
|
or |
|
|
|
|
|
.Fn free |
|
|
|
|
|
detect an error condition, |
|
|
|
|
|
|
|
|
If any of the functions detect an error condition, |
|
|
a message will be printed to file descriptor |
|
|
a message will be printed to file descriptor |
|
|
2 (not using stdio). |
|
|
2 (not using stdio). |
|
|
Errors will result in the process being aborted. |
|
|
Errors will result in the process being aborted. |
|
|
@ -413,12 +398,7 @@ Here is a brief description of the error messages and what they mean: |
|
|
.It Dq out of memory |
|
|
.It Dq out of memory |
|
|
If the |
|
|
If the |
|
|
.Cm X |
|
|
.Cm X |
|
|
option is specified it is an error for |
|
|
|
|
|
.Fn malloc , |
|
|
|
|
|
.Fn calloc , |
|
|
|
|
|
.Fn realloc , |
|
|
|
|
|
or |
|
|
|
|
|
.Fn reallocarray |
|
|
|
|
|
|
|
|
option is specified it is an error for the allocation functions |
|
|
to return |
|
|
to return |
|
|
.Dv NULL . |
|
|
.Dv NULL . |
|
|
.It Dq malloc init mmap failed |
|
|
.It Dq malloc init mmap failed |
|
|
@ -588,9 +568,10 @@ An attacker may be able to leverage this heap corruption to execute arbitrary |
|
|
code. |
|
|
code. |
|
|
.Pp |
|
|
.Pp |
|
|
Consider using |
|
|
Consider using |
|
|
.Fn calloc |
|
|
|
|
|
or |
|
|
|
|
|
|
|
|
.Fn calloc , |
|
|
.Fn reallocarray |
|
|
.Fn reallocarray |
|
|
|
|
|
or |
|
|
|
|
|
.Fn recallocarray |
|
|
instead of using multiplication in |
|
|
instead of using multiplication in |
|
|
.Fn malloc |
|
|
.Fn malloc |
|
|
and |
|
|
and |
|
|
|
otto
7 years ago