LADI
/
ladish
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove the obsolete "safety" memory functions 

Juuso favours them but I favour explicit handling of memory allocation checks
that cause current function to fail
This commit is contained in:
Nedko Arnaudov 2010-04-04 21:45:53 +03:00
parent 9d4d8c6ea0
commit 9f6946c97f
5 changed files with 9 additions and 616 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

295
common/safety.c
View File

@ -1,295 +0,0 @@
/* -*- Mode: C ; c-basic-offset: 2 -*- */
/*
* LADI Session Handler (ladish)
*
* Copyright (C) 2008 Juuso Alasuutari <juuso.alasuutari@gmail.com>
*
**************************************************************************
* This file contains "safe" memory and string helpers (obsolete)
**************************************************************************
*
* LADI Session Handler is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* LADI Session Handler is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with LADI Session Handler. If not, see <http://www.gnu.org/licenses/>
* or write to the Free Software Foundation, Inc.,
* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/* For strdup() */
#ifndef _BSD_SOURCE
# define _BSD_SOURCE 1
#endif
#include <stdint.h>
#include <string.h>
#include "safety.h"
#include "../log.h"
void
_lash_free(void **ptr)
{
if (ptr && *ptr) {
free(*ptr);
*ptr = NULL;
}
}
void
lash_strset(char **property,
const char *value)
{
if (property) {
if (*property)
free(*property);
if (value)
*property = lash_strdup(value);
else
*property = NULL;
}
}
#ifndef LADISH_DEBUG
void *
lash_malloc(size_t nmemb,
size_t size)
{
void *ptr = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr = malloc(nmemb * size))) {
return ptr;
} else {
log_error("malloc returned NULL");
}
} else {
log_error("Arguments would overflow");
}
} else {
log_error("Can't allocate zero bytes");
}
abort();
}
void *
lash_calloc(size_t nmemb,
size_t size)
{
void *ptr = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr = calloc(nmemb, size))) {
return ptr;
} else {
log_error("calloc returned NULL");
}
} else {
log_error("Arguments would overflow");
}
} else {
log_error("Can't allocate zero bytes");
}
abort();
}
void *
lash_realloc(void *ptr,
size_t nmemb,
size_t size)
{
void *ptr2 = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr2 = realloc(ptr, nmemb * size))) {
return ptr2;
} else {
log_error("realloc returned NULL");
}
} else {
log_error("Arguments would overflow");
}
} else {
log_error("Can't allocate zero bytes");
}
abort();
}
char *
lash_strdup(const char *s)
{
char *ptr = (s) ? strdup(s) : strdup("");
if (ptr)
return ptr;
log_error("strdup returned NULL");
abort();
}
#else /* LADISH_DEBUG */
void *
lash_malloc_dbg(size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2)
{
void *ptr = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr = malloc(nmemb * size))) {
return ptr;
} else {
log_error_plain("%s:%d:%s: "
"lash_malloc(%s,%s) failed: "
"malloc returned NULL",
file, line, function,
arg1, arg2);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_malloc(%s,%s) failed: "
"Arguments would overflow",
file, line, function, arg1, arg2);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_malloc(%s,%s) failed: "
"Can't allocate zero bytes",
file, line, function, arg1, arg2);
}
abort();
}
void *
lash_calloc_dbg(size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2)
{
void *ptr = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr = calloc(nmemb, size))) {
return ptr;
} else {
log_error_plain("%s:%d:%s: "
"lash_calloc(%s,%s) failed: "
"calloc returned NULL",
file, line, function,
arg1, arg2);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_calloc(%s,%s) failed: "
"Arguments would overflow",
file, line, function, arg1, arg2);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_calloc(%s,%s) failed: "
"Can't allocate zero bytes",
file, line, function, arg1, arg2);
}
abort();
}
void *
lash_realloc_dbg(void *ptr,
size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2,
const char *arg3)
{
void *ptr2 = NULL;
if (nmemb && size) {
if (size <= (SIZE_MAX / nmemb)) {
if ((ptr2 = realloc(ptr, nmemb * size))) {
return ptr2;
} else {
log_error_plain("%s:%d:%s: "
"lash_realloc(%s,%s,%s) failed: "
"calloc returned NULL",
file, line, function,
arg1, arg2, arg3);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_realloc(%s,%s,%s) failed: "
"Arguments would overflow",
file, line, function, arg1, arg2, arg3);
}
} else {
log_error_plain("%s:%d:%s: "
"lash_realloc(%s,%s,%s) failed: "
"Can't allocate zero bytes",
file, line, function, arg1, arg2, arg3);
}
abort();
}
char *
lash_strdup_dbg(const char *s,
const char *file,
int line,
const char *function,
const char *arg1)
{
char *ptr;
if (s) {
ptr = strdup(s);
} else {
log_error_plain("%s:%d:%s: lash_strdup(%s) failed: "
"Argument is NULL",
file, line, function, arg1);
ptr = strdup("");
}
if (ptr)
return ptr;
log_error_plain("%s:%d:%s: lash_strdup(%s) failed: "
"strdup returned NULL",
file, line, function, arg1);
abort();
}
#endif /* LADISH_DEBUG */
/* EOF */

317
common/safety.h
View File

@ -1,317 +0,0 @@
/* -*- Mode: C ; c-basic-offset: 2 -*- */
/*
* LADI Session Handler (ladish)
*
* Copyright (C) 2008 Juuso Alasuutari <juuso.alasuutari@gmail.com>
*
**************************************************************************
* This file contains interface to "safe" memory and string helpers (obsolete)
**************************************************************************
*
* LADI Session Handler is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* LADI Session Handler is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with LADI Session Handler. If not, see <http://www.gnu.org/licenses/>
* or write to the Free Software Foundation, Inc.,
* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/** @file safety.h
* This module contains wrappers around system memory handling functions
* for reliable error handling and increased debugging verbosity.
*
* Some of the provided methods can be either macros or function definitions
* depending on whether or not LADISH_DEBUG is enabled. The programmer needn't
* worry, however, as the syntax is the same for both debug and normal builds.
*/
#ifndef __LASH_SAFETY_H__
#define __LASH_SAFETY_H__
#include <stdlib.h>
#include "config.h"
/**
* This macro is a convenience wrapper around \ref _lash_free.
* It does nothing more than cast the provided argument to void**
* in order to eliminate invalid pointer type warnings.
*/
#define lash_free(ptr) \
_lash_free((void **) ptr)
/**
* Free the memory pointed to by *ptr. If the pointer was valid,
* set it to NULL after freeing it.
*
* @param ptr A pointer to a pointer to the memory to be be freed.
*/
void
_lash_free(void **ptr);
/**
* If value is non-NULL, set *property to point to a new string
* which is a copy of value. If value is NULL, set *property
* to NULL. If *property is already set, it will be freed before setting
* it to value.
*
* @param property A pointer to the char* to set.
* @param value The value to set property to.
*/
void
lash_strset(char **property,
const char *value);
#ifndef LADISH_DEBUG
/**
* This is a wrapper around malloc which checks whether nmemb * size
* would overflow, and whether malloc returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param nmemb The number of elements to allocate.
* @param size The size in bytes of one element.
*
* @return A pointer to the allocated memory.
*/
void *
lash_malloc(size_t nmemb,
size_t size);
/**
* This is a wrapper around calloc which checks whether nmemb * size
* would overflow, and whether calloc) returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param nmemb The number of elements to allocate.
* @param size The size of one element (in bytes).
*
* @return A pointer to the allocated memory.
*/
void *
lash_calloc(size_t nmemb,
size_t size);
/**
* This is a wrapper around realloc which checks whether nmemb * size
* would overflow, and whether realloc returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param ptr A pointer to the memory block whose size to change.
* @param nmemb The number of elements to (re)allocate.
* @param size The size of one element (in bytes).
*
* @return A pointer to the allocated memory.
*/
void *
lash_realloc(void *ptr,
size_t nmemb,
size_t size);
/**
* This is a wrapper around strdup which checks for a NULL return value.
* It prints an error using \ref log_error if strdup fails.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param s The string to duplicate.
*
* @return A pointer to the duplicated string.
*/
char *
lash_strdup(const char *s);
/** TODO: Document this */
#else /* LADISH_DEBUG */
/**
* This macro is a wrapper around \ref lash_malloc_dbg.
*
* @param nmemb The number of elements to allocate.
* @param size The size in bytes of one element.
*
* @return A pointer to the allocated memory.
*/
# define lash_malloc(nmemb, size) \
lash_malloc_dbg(nmemb, size, __FILE__, __LINE__, __func__, # nmemb, # size)
/**
* This macro is a wrapper around \ref lash_calloc_dbg.
*
* @param nmemb The number of elements to allocate.
* @param size The size in bytes of one element.
*
* @return A pointer to the allocated memory.
*/
# define lash_calloc(nmemb, size) \
lash_calloc_dbg(nmemb, size, __FILE__, __LINE__, __func__, # nmemb, # size)
/**
* This macro is a wrapper around \ref lash_realloc_dbg.
*
* @param ptr A pointer to the memory block whose size to change.
* @param nmemb The number of elements to allocate.
* @param size The size in bytes of one element.
*
* @return A pointer to the allocated memory.
*/
# define lash_realloc(ptr, nmemb, size) \
lash_realloc_dbg(ptr, nmemb, size, __FILE__, __LINE__, __func__, # ptr, # nmemb, # size)
/**
* This macro is a wrapper around \ref lash_strdup_dbg.
*
* @param s The string to duplicate.
*
* @return A pointer to the duplicated string.
*/
# define lash_strdup(s) \
lash_strdup_dbg(s, __FILE__, __LINE__, __func__, # s)
/**
* This is a wrapper around malloc which checks whether nmemb * size
* would overflow, and whether malloc returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* This function is the 'debugging edition' of the LASH malloc wrapper and
* has extra parameters for printing more detailed debugging messages. It
* should never be called directly, but instead by using the \ref lash_malloc
* macro.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param nmemb The number of elements to allocate.
* @param size The size of one element (in bytes).
* @param file The calling file name.
* @param line The calling line number.
* @param function The calling function name.
* @param arg1 A string representation of the nmemb argument passed by the caller.
* @param arg2 A string representation of the size argument passed by the caller.
*
* @return A pointer to the allocated memory.
*/
void *
lash_malloc_dbg(size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2);
/**
* This is a wrapper around calloc which checks whether nmemb * size
* would overflow, and whether calloc returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* This function is the 'debugging edition' of the LASH calloc wrapper and
* has extra parameters for printing more detailed debugging messages. It
* should never be called directly, but instead by using the \ref lash_calloc
* macro.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param nmemb The number of elements to allocate.
* @param size The size of one element (in bytes).
* @param file The calling file name.
* @param line The calling line number.
* @param function The calling function name.
* @param arg1 A string representation of the nmemb argument passed by the caller.
* @param arg2 A string representation of the size argument passed by the caller.
*
* @return A pointer to the allocated memory.
*/
void *
lash_calloc_dbg(size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2);
/**
* This is a wrapper around realloc which checks whether nmemb * size
* would overflow, and whether realloc returns NULL. It prints an error
* using \ref log_error if anything fails.
*
* This function is the 'debugging edition' of the LASH realloc wrapper and
* has extra parameters for printing more detailed debugging messages. It
* should never be called directly, but instead by using the \ref lash_realloc
* macro.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param nmemb The number of elements to allocate.
* @param size The size of one element (in bytes).
* @param file The calling file name.
* @param line The calling line number.
* @param function The calling function name.
* @param arg1 A string representation of the ptr argument passed by the caller.
* @param arg2 A string representation of the nmemb argument passed by the caller.
* @param arg3 A string representation of the size argument passed by the caller.
*
* @return A pointer to the allocated memory.
*/
void *
lash_realloc_dbg(void *ptr,
size_t nmemb,
size_t size,
const char *file,
int line,
const char *function,
const char *arg1,
const char *arg2,
const char *arg3);
/**
* This is a wrapper around strdup which checks for a NULL return value.
* It prints an error using \ref log_error if strdup fails.
*
* This function is the 'debugging edition' of the LASH strdup wrapper and
* has extra parameters for printing more detailed debugging messages. It
* should never be called directly, but instead by using the \ref lash_strdup
* macro.
*
* TODO: We currently call abort on failure,
* this probably needs to be changed.
*
* @param s The string to duplicate.
* @param file The calling file name.
* @param line The calling line number.
* @param function The calling function name.
* @param arg1 A string representation of the argument passed by the caller.
*
* @return A pointer to the duplicated string.
*/
char *
lash_strdup_dbg(const char *s,
const char *file,
int line,
const char *function,
const char *arg1);
#endif /* LADISH_DEBUG */
#endif /* __LASH_SAFETY_H__ */

1
dbus/method.c
View File

@ -28,7 +28,6 @@
*/
#include "../common.h"
#include "../common/safety.h"
#include "helpers.h"
#include "method.h"

11
dbus/object_path.c
View File

@ -29,7 +29,6 @@
#include "../common.h"
#include "helpers.h"
#include "../common/safety.h"
#include "error.h" /* lash_dbus_error() */
struct dbus_object_path_interface
@ -65,7 +64,15 @@ introspection_new(struct dbus_object_path * opath_ptr)
* Create introspection XML data.
*/
xml_data = lash_malloc(1, 16384);
/* TODO: we assume that 16 KiB is enough to hold introspection xml.
* If it gets larger, memory corruption will occur.
* Use realloc-like algorithm instead */
xml_data = malloc(16384);
if (xml_data == NULL)
{
return NULL;
}
buf_ptr = xml_data;
write_buf("<!DOCTYPE node PUBLIC \"-//freedesktop//DTD D-BUS Object Introspection 1.0//EN\"\n"

1
wscript
View File

@ -247,7 +247,6 @@ def build(bld):
daemon.source.append(os.path.join("dbus", source))
for source in [
'safety.c',
'time.c',
]:
daemon.source.append(os.path.join("common", source))