Browse Source

Stop enumeration all allocation functions, just say "allocation functions"

ok jmc@ deraadt@
OPENBSD_6_1
otto 7 years ago
parent
commit
cf1d70783e
1 changed files with 13 additions and 32 deletions
  1. +13
    -32
      src/lib/libc/stdlib/malloc.3

+ 13
- 32
src/lib/libc/stdlib/malloc.3 View File

@ -30,9 +30,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE. .\" SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: malloc.3,v 1.106 2017/03/24 16:17:50 otto Exp $
.\" $OpenBSD: malloc.3,v 1.107 2017/03/26 09:21:33 otto Exp $
.\" .\"
.Dd $Mdocdate: March 24 2017 $
.Dd $Mdocdate: March 26 2017 $
.Dt MALLOC 3 .Dt MALLOC 3
.Os .Os
.Sh NAME .Sh NAME
@ -164,20 +164,11 @@ pointer, no action occurs.
If If
.Fa ptr .Fa ptr
was previously freed by was previously freed by
.Fn free ,
.Fn realloc ,
.Fn reallocarray
or
.Fn recallocarray ,
.Fn free
or an allocation function,
the behavior is undefined and the double free is a security concern. the behavior is undefined and the double free is a security concern.
.Sh RETURN VALUES .Sh RETURN VALUES
Upon successful completion, the functions
.Fn malloc ,
.Fn calloc ,
.Fn realloc ,
.Fn reallocarray
and
.Fn recallocarray
Upon successful completion, the allocation functions
return a pointer to the allocated space; otherwise, a return a pointer to the allocated space; otherwise, a
.Dv NULL .Dv NULL
pointer is returned and pointer is returned and
@ -380,9 +371,10 @@ if ((p = malloc(size * num)) == NULL)
Assuming the implementation checks for integer overflow as Assuming the implementation checks for integer overflow as
.Ox .Ox
does, it is much easier to use does, it is much easier to use
.Fn calloc
.Fn calloc ,
.Fn reallocarray ,
or or
.Fn reallocarray .
.Fn recallocarray .
.Pp .Pp
The above examples could be simplified to: The above examples could be simplified to:
.Bd -literal -offset indent .Bd -literal -offset indent
@ -396,14 +388,7 @@ if ((p = calloc(num, size)) == NULL)
err(1, NULL); err(1, NULL);
.Ed .Ed
.Sh DIAGNOSTICS .Sh DIAGNOSTICS
If
.Fn malloc ,
.Fn calloc ,
.Fn realloc ,
.Fn reallocarray ,
or
.Fn free
detect an error condition,
If any of the functions detect an error condition,
a message will be printed to file descriptor a message will be printed to file descriptor
2 (not using stdio). 2 (not using stdio).
Errors will result in the process being aborted. Errors will result in the process being aborted.
@ -413,12 +398,7 @@ Here is a brief description of the error messages and what they mean:
.It Dq out of memory .It Dq out of memory
If the If the
.Cm X .Cm X
option is specified it is an error for
.Fn malloc ,
.Fn calloc ,
.Fn realloc ,
or
.Fn reallocarray
option is specified it is an error for the allocation functions
to return to return
.Dv NULL . .Dv NULL .
.It Dq malloc init mmap failed .It Dq malloc init mmap failed
@ -588,9 +568,10 @@ An attacker may be able to leverage this heap corruption to execute arbitrary
code. code.
.Pp .Pp
Consider using Consider using
.Fn calloc
or
.Fn calloc ,
.Fn reallocarray .Fn reallocarray
or
.Fn recallocarray
instead of using multiplication in instead of using multiplication in
.Fn malloc .Fn malloc
and and


Loading…
Cancel
Save