otto
f816214aa0
New option 'S', as a shorthand for the options most suitable as an
extra safeguard (FGJ). Idea from deraadt@; ok deraadt@ dlg@
15 years ago
oga
5548c875db
plug a file descriptor leak in HASHFileChunk().
From Igor Zinovik; thanks!
ok millert@
15 years ago
otto
da818aa199
save calls to arc4random() by using a nibble at a time; not because
arc4random() is slow, but it induces getpid() calls; also saves a
bit on stirring efforts
15 years ago
guenther
253b3ff700
No point in refreshing the pid from inside arc4_stir() when that
doesn't test it, so factor out the two places that test it into a
routine and do the refreshing there. With this, arc4random_buf()
doesn't trigger superfluous calls to getpid() when filling large
buffers.
ok deraadt@, "looks nicer indeed" otto@
15 years ago
miod
f303db8b57
Make userland malloc use __LDPGSZ granularity on mips, regardless of the
actual kernel page size.
15 years ago
jmc
d208a2f0f2
missing word;
from trhodes@freebsd, r200095;
15 years ago
otto
9ddcd3502a
Switch the chunk_info lists to doubly-linked lists and use the queue
macros for them. Avoids walking the lists and greatly enhances speed
of freeing chunks in reverse or random order at the cost of a little
space. Suggested by Fabien Romano and Jonathan Armani; ok djm@
15 years ago
otto
600b8b9fd5
Don't forget to fill region from the cache with junk if needed in one case;
from Fabien Romano and Jonathan Armani
15 years ago
otto
c8f1be5032
No need to clear a mmapped region; from Fabien Romano and Jonathan
Armani
15 years ago
todd
ef8dd643ed
permit -DMALLOC_STATS to compile again
noticed by Jonathan Armani & Fabien Romano
ugh+ok otto@
15 years ago
sobrado
2101574acc
s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).
15 years ago
deraadt
e44f0a8fb7
Do not need -DLIBC_SCCS anymore
15 years ago
deraadt
46f44e2831
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
15 years ago
pirofti
5e4aca2f5f
Check mmap return value against MAP_FAILED not NULL.
Okay deraadt@, otto@.
15 years ago
martynas
f30cf48cfa
teach gdtoa & its subroutines that malloc can fail; in which case
ecvt, fcvt, gcvt, *printf, strtof, strtod, strtold act per ieee
1003.1. after these massive changes, remove unused files which
would not work now. reported by Maksymilian Arciemowicz; ok theo
15 years ago
otto
65dc48b142
rewrite the history section, prompted by Paul Stoeber; ok deraadt@ jmc@
15 years ago
jmc
db67d7c77d
remove unsupported LIBRARY section; from Alan R. S. Bueno
15 years ago
millert
4bfe74412c
Use STD*_FILENO instead of 0-2. OK henning@ djm@ gilles@ dhill@
15 years ago
martynas
e1c2ed5d72
abs conforms c99 -> imaxabs conforms c99. ok millert@
15 years ago
martynas
b263bc8a8a
use llabs instead of the home-grown version; and some comment changes
ok ian@, millert@
15 years ago
deraadt
d4f78c2955
quieten compiler by converting pointers to uintptr_t before truncating them
to u_int32_t to do integer math with (in a situation where that is legit)
ok otto millert
15 years ago
millert
63a463cfbd
Don't assume that we can overwrite strings in the environment.
Someone may have passed a read-only string to putenv() (I'm looking
at you cron!).
15 years ago
millert
d3d9cc08f7
Make putenv(), setenv() and unsetenv() standards compliant. The
standard explicitly disallows passing setenv a name with a '=' in
it but historic BSD behavior is to allow this but to ignore the '='
and anything after it.
15 years ago
djm
8b81695079
allow building without SHA384 and SHA512 (i.e. SHA256 only) with
-DSHA256_ONLY in order to save space; ok deraadt@
15 years ago
okan
3bc42fd077
document that no leading whitespace is permitted between the option and
argument if the argument is deemed to be optional ('::').
feedback and ok jmc@ and millert@
15 years ago
jmc
2024268fd6
kill whitespace at eol;
16 years ago
otto
69f875a94f
describe 'F' better and mention flags are debugging aids; ok tedu@ jmc@
16 years ago
jmc
d69225c623
correct function definitions; from Markus Bergkvist
16 years ago
djm
10887343e6
reintroduce extra malloc protections, but avoiding the use of
PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the
sparc architecture;
ok otto@ tested on my reanimated ss20
16 years ago
deraadt
69d34d79a8
PAGE_SIZE is not a valid symbol to use in that way. In particular,
on sparc, it expands to something that just plain does not work,
because the page size can be variable. Sorry we didn't spot this
before. Backing it all out to allow sparc to build; please find a
different way to fix it.
16 years ago
djm
d835fe24d1
Remove mprotecting of struct dir_info introduced in previous commit
(MALLOC_OPTIONS=L). It was too slow to turn on by default, and we
don't do optional security.
requested by deraadt@ grumbling ok otto@
16 years ago
djm
b1b6e37e4e
extra paranoia for malloc(3):
Move all runtime options into a structure that is made read-only
(via mprotect) after initialisation to protect against attacks that
overwrite options to turn off malloc protections (e.g. use-after-free)
Allocate the main bookkeeping data (struct dir_info) using mmap(),
thereby giving it an unpredictable address. Place a PROT_NONE guard
page on either side to further frustrate attacks on it.
Add a new 'L' option that maps struct dir_info PROT_NONE except when
in the allocator code itself. Makes attacks on it basically impossible.
feedback tedu deraadt otto canacar
ok otto
16 years ago
deraadt
81a1885e03
repair the ARC4 story; ok jmc djm millert
16 years ago
otto
ce9fb22525
shave off more bytes than you expect by declaring a few const local arrays
as static const
16 years ago
pedro
09239b2280
Fix typo, okay jmc@.
16 years ago
otto
5b2827b23a
move allocations between half a page and a page as close to the end of
the page as possible (i.e. make malloc option P a default).
ok art@ millert@ krw@
16 years ago
otto
c2a4892aa1
Reduce the leeway malloc allows when moving allocations to the end of
a page to 0. P default will be changed in a separate commit.
ok millert@ art@ krw@
16 years ago
otto
c85d8de1f7
To allow for easier playing with more strict settings introduce
a separate symbolic constant for the leeway we allow when moving
allocations towards the end of a page. No functional change.
16 years ago
otto
7fae3fd69f
avoid a few strlen calls for constant strings; prompted by tg; ok djm@
16 years ago
otto
2e3909a133
if the freeprot flag (F) is set, do not do delayed frees for chunks
(might catch errors closer to the trouble spot) and junk fill pages just
before reuse instead of immediate (we can't access the page anyway)
since we set PROT_NONE in the F case. ok djm@
16 years ago
otto
e19c3ba2dd
fix markup of example line and description of G flag; partly from and
ok jmc@
16 years ago
otto
96f3e731f5
remove distinction between warnings and errors, ok deraadt@ djm@
16 years ago
otto
02508dddff
if MALLOC_STATS is defined, record how many "cheap reallocs" were
tried and how many actually succeeded.
16 years ago
otto
2fbc2b3c20
oops, assign errno the right way. caught by david running regress tests
16 years ago
otto
b0a0d24cc7
reduce rbyte cache to 512 bytes, no measurable slowdown (even in the
threaded case) but much smaller working set; prompted by and ok deraadt@
16 years ago
otto
cc05412197
save and restore errno on success. while it is not strictly needed for
non-syscalls, there's just too much code not doing the right thing on
error paths; prompted by and ok deraadt@
16 years ago
otto
0f36e15025
zap __arc4_getbyte(), it was only used by the old malloc; ok millert@
kurt@
16 years ago
otto
cdd5a2c930
when increasing the size of a larger than a page allocation try
mapping the region next to the existing one first; there's a pretty
high chance there's a hole there we can use; ok deraadt@ tedu@
16 years ago
otto
013c97fa02
avoid splitting up regions when purging stuff from the cache, it puts
too much pressure on the amaps. ok tedu@ deraadt@
16 years ago
martynas
72651265ea
document strtold. ok millert@
16 years ago