From 9f6946c97f45ca80bbf7a06f87cceccea9acf266 Mon Sep 17 00:00:00 2001 From: Nedko Arnaudov Date: Sun, 4 Apr 2010 21:45:53 +0300 Subject: [PATCH] remove the obsolete "safety" memory functions Juuso favours them but I favour explicit handling of memory allocation checks that cause current function to fail --- common/safety.c | 295 ----------------------------------------- common/safety.h | 317 --------------------------------------------- dbus/method.c | 1 - dbus/object_path.c | 11 +- wscript | 1 - 5 files changed, 9 insertions(+), 616 deletions(-) delete mode 100644 common/safety.c delete mode 100644 common/safety.h diff --git a/common/safety.c b/common/safety.c deleted file mode 100644 index 6872868b..00000000 --- a/common/safety.c +++ /dev/null @@ -1,295 +0,0 @@ -/* -*- Mode: C ; c-basic-offset: 2 -*- */ -/* - * LADI Session Handler (ladish) - * - * Copyright (C) 2008 Juuso Alasuutari - * - ************************************************************************** - * This file contains "safe" memory and string helpers (obsolete) - ************************************************************************** - * - * LADI Session Handler is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * LADI Session Handler is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with LADI Session Handler. If not, see - * or write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -/* For strdup() */ -#ifndef _BSD_SOURCE -# define _BSD_SOURCE 1 -#endif - -#include -#include - -#include "safety.h" -#include "../log.h" - -void -_lash_free(void **ptr) -{ - if (ptr && *ptr) { - free(*ptr); - *ptr = NULL; - } -} - -void -lash_strset(char **property, - const char *value) -{ - if (property) { - if (*property) - free(*property); - - if (value) - *property = lash_strdup(value); - else - *property = NULL; - } -} - -#ifndef LADISH_DEBUG - -void * -lash_malloc(size_t nmemb, - size_t size) -{ - void *ptr = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr = malloc(nmemb * size))) { - return ptr; - } else { - log_error("malloc returned NULL"); - } - } else { - log_error("Arguments would overflow"); - } - } else { - log_error("Can't allocate zero bytes"); - } - - abort(); -} - -void * -lash_calloc(size_t nmemb, - size_t size) -{ - void *ptr = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr = calloc(nmemb, size))) { - return ptr; - } else { - log_error("calloc returned NULL"); - } - } else { - log_error("Arguments would overflow"); - } - } else { - log_error("Can't allocate zero bytes"); - } - - abort(); -} - -void * -lash_realloc(void *ptr, - size_t nmemb, - size_t size) -{ - void *ptr2 = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr2 = realloc(ptr, nmemb * size))) { - return ptr2; - } else { - log_error("realloc returned NULL"); - } - } else { - log_error("Arguments would overflow"); - } - } else { - log_error("Can't allocate zero bytes"); - } - - abort(); -} - -char * -lash_strdup(const char *s) -{ - char *ptr = (s) ? strdup(s) : strdup(""); - - if (ptr) - return ptr; - - log_error("strdup returned NULL"); - - abort(); -} - -#else /* LADISH_DEBUG */ - -void * -lash_malloc_dbg(size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2) -{ - void *ptr = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr = malloc(nmemb * size))) { - return ptr; - } else { - log_error_plain("%s:%d:%s: " - "lash_malloc(%s,%s) failed: " - "malloc returned NULL", - file, line, function, - arg1, arg2); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_malloc(%s,%s) failed: " - "Arguments would overflow", - file, line, function, arg1, arg2); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_malloc(%s,%s) failed: " - "Can't allocate zero bytes", - file, line, function, arg1, arg2); - } - - abort(); -} - -void * -lash_calloc_dbg(size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2) -{ - void *ptr = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr = calloc(nmemb, size))) { - return ptr; - } else { - log_error_plain("%s:%d:%s: " - "lash_calloc(%s,%s) failed: " - "calloc returned NULL", - file, line, function, - arg1, arg2); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_calloc(%s,%s) failed: " - "Arguments would overflow", - file, line, function, arg1, arg2); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_calloc(%s,%s) failed: " - "Can't allocate zero bytes", - file, line, function, arg1, arg2); - } - - abort(); -} - -void * -lash_realloc_dbg(void *ptr, - size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2, - const char *arg3) -{ - void *ptr2 = NULL; - - if (nmemb && size) { - if (size <= (SIZE_MAX / nmemb)) { - if ((ptr2 = realloc(ptr, nmemb * size))) { - return ptr2; - } else { - log_error_plain("%s:%d:%s: " - "lash_realloc(%s,%s,%s) failed: " - "calloc returned NULL", - file, line, function, - arg1, arg2, arg3); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_realloc(%s,%s,%s) failed: " - "Arguments would overflow", - file, line, function, arg1, arg2, arg3); - } - } else { - log_error_plain("%s:%d:%s: " - "lash_realloc(%s,%s,%s) failed: " - "Can't allocate zero bytes", - file, line, function, arg1, arg2, arg3); - } - - abort(); -} - -char * -lash_strdup_dbg(const char *s, - const char *file, - int line, - const char *function, - const char *arg1) -{ - char *ptr; - - if (s) { - ptr = strdup(s); - } else { - log_error_plain("%s:%d:%s: lash_strdup(%s) failed: " - "Argument is NULL", - file, line, function, arg1); - ptr = strdup(""); - } - - if (ptr) - return ptr; - - log_error_plain("%s:%d:%s: lash_strdup(%s) failed: " - "strdup returned NULL", - file, line, function, arg1); - - abort(); -} - -#endif /* LADISH_DEBUG */ - -/* EOF */ diff --git a/common/safety.h b/common/safety.h deleted file mode 100644 index 180b969c..00000000 --- a/common/safety.h +++ /dev/null @@ -1,317 +0,0 @@ -/* -*- Mode: C ; c-basic-offset: 2 -*- */ -/* - * LADI Session Handler (ladish) - * - * Copyright (C) 2008 Juuso Alasuutari - * - ************************************************************************** - * This file contains interface to "safe" memory and string helpers (obsolete) - ************************************************************************** - * - * LADI Session Handler is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * LADI Session Handler is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with LADI Session Handler. If not, see - * or write to the Free Software Foundation, Inc., - * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -/** @file safety.h - * This module contains wrappers around system memory handling functions - * for reliable error handling and increased debugging verbosity. - * - * Some of the provided methods can be either macros or function definitions - * depending on whether or not LADISH_DEBUG is enabled. The programmer needn't - * worry, however, as the syntax is the same for both debug and normal builds. - */ - -#ifndef __LASH_SAFETY_H__ -#define __LASH_SAFETY_H__ - -#include - -#include "config.h" - -/** - * This macro is a convenience wrapper around \ref _lash_free. - * It does nothing more than cast the provided argument to void** - * in order to eliminate invalid pointer type warnings. - */ -#define lash_free(ptr) \ - _lash_free((void **) ptr) - -/** - * Free the memory pointed to by *ptr. If the pointer was valid, - * set it to NULL after freeing it. - * - * @param ptr A pointer to a pointer to the memory to be be freed. - */ -void -_lash_free(void **ptr); - -/** - * If value is non-NULL, set *property to point to a new string - * which is a copy of value. If value is NULL, set *property - * to NULL. If *property is already set, it will be freed before setting - * it to value. - * - * @param property A pointer to the char* to set. - * @param value The value to set property to. - */ -void -lash_strset(char **property, - const char *value); - -#ifndef LADISH_DEBUG - -/** - * This is a wrapper around malloc which checks whether nmemb * size - * would overflow, and whether malloc returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param nmemb The number of elements to allocate. - * @param size The size in bytes of one element. - * - * @return A pointer to the allocated memory. - */ -void * -lash_malloc(size_t nmemb, - size_t size); - -/** - * This is a wrapper around calloc which checks whether nmemb * size - * would overflow, and whether calloc) returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param nmemb The number of elements to allocate. - * @param size The size of one element (in bytes). - * - * @return A pointer to the allocated memory. - */ -void * -lash_calloc(size_t nmemb, - size_t size); - -/** - * This is a wrapper around realloc which checks whether nmemb * size - * would overflow, and whether realloc returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param ptr A pointer to the memory block whose size to change. - * @param nmemb The number of elements to (re)allocate. - * @param size The size of one element (in bytes). - * - * @return A pointer to the allocated memory. - */ -void * -lash_realloc(void *ptr, - size_t nmemb, - size_t size); - -/** - * This is a wrapper around strdup which checks for a NULL return value. - * It prints an error using \ref log_error if strdup fails. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param s The string to duplicate. - * - * @return A pointer to the duplicated string. - */ -char * -lash_strdup(const char *s); - -/** TODO: Document this */ -#else /* LADISH_DEBUG */ - -/** - * This macro is a wrapper around \ref lash_malloc_dbg. - * - * @param nmemb The number of elements to allocate. - * @param size The size in bytes of one element. - * - * @return A pointer to the allocated memory. - */ -# define lash_malloc(nmemb, size) \ - lash_malloc_dbg(nmemb, size, __FILE__, __LINE__, __func__, # nmemb, # size) - -/** - * This macro is a wrapper around \ref lash_calloc_dbg. - * - * @param nmemb The number of elements to allocate. - * @param size The size in bytes of one element. - * - * @return A pointer to the allocated memory. - */ -# define lash_calloc(nmemb, size) \ - lash_calloc_dbg(nmemb, size, __FILE__, __LINE__, __func__, # nmemb, # size) - -/** - * This macro is a wrapper around \ref lash_realloc_dbg. - * - * @param ptr A pointer to the memory block whose size to change. - * @param nmemb The number of elements to allocate. - * @param size The size in bytes of one element. - * - * @return A pointer to the allocated memory. - */ -# define lash_realloc(ptr, nmemb, size) \ - lash_realloc_dbg(ptr, nmemb, size, __FILE__, __LINE__, __func__, # ptr, # nmemb, # size) - -/** - * This macro is a wrapper around \ref lash_strdup_dbg. - * - * @param s The string to duplicate. - * - * @return A pointer to the duplicated string. - */ -# define lash_strdup(s) \ - lash_strdup_dbg(s, __FILE__, __LINE__, __func__, # s) - -/** - * This is a wrapper around malloc which checks whether nmemb * size - * would overflow, and whether malloc returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * This function is the 'debugging edition' of the LASH malloc wrapper and - * has extra parameters for printing more detailed debugging messages. It - * should never be called directly, but instead by using the \ref lash_malloc - * macro. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param nmemb The number of elements to allocate. - * @param size The size of one element (in bytes). - * @param file The calling file name. - * @param line The calling line number. - * @param function The calling function name. - * @param arg1 A string representation of the nmemb argument passed by the caller. - * @param arg2 A string representation of the size argument passed by the caller. - * - * @return A pointer to the allocated memory. - */ -void * -lash_malloc_dbg(size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2); - -/** - * This is a wrapper around calloc which checks whether nmemb * size - * would overflow, and whether calloc returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * This function is the 'debugging edition' of the LASH calloc wrapper and - * has extra parameters for printing more detailed debugging messages. It - * should never be called directly, but instead by using the \ref lash_calloc - * macro. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param nmemb The number of elements to allocate. - * @param size The size of one element (in bytes). - * @param file The calling file name. - * @param line The calling line number. - * @param function The calling function name. - * @param arg1 A string representation of the nmemb argument passed by the caller. - * @param arg2 A string representation of the size argument passed by the caller. - * - * @return A pointer to the allocated memory. - */ -void * -lash_calloc_dbg(size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2); - -/** - * This is a wrapper around realloc which checks whether nmemb * size - * would overflow, and whether realloc returns NULL. It prints an error - * using \ref log_error if anything fails. - * - * This function is the 'debugging edition' of the LASH realloc wrapper and - * has extra parameters for printing more detailed debugging messages. It - * should never be called directly, but instead by using the \ref lash_realloc - * macro. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param nmemb The number of elements to allocate. - * @param size The size of one element (in bytes). - * @param file The calling file name. - * @param line The calling line number. - * @param function The calling function name. - * @param arg1 A string representation of the ptr argument passed by the caller. - * @param arg2 A string representation of the nmemb argument passed by the caller. - * @param arg3 A string representation of the size argument passed by the caller. - * - * @return A pointer to the allocated memory. - */ -void * -lash_realloc_dbg(void *ptr, - size_t nmemb, - size_t size, - const char *file, - int line, - const char *function, - const char *arg1, - const char *arg2, - const char *arg3); - -/** - * This is a wrapper around strdup which checks for a NULL return value. - * It prints an error using \ref log_error if strdup fails. - * - * This function is the 'debugging edition' of the LASH strdup wrapper and - * has extra parameters for printing more detailed debugging messages. It - * should never be called directly, but instead by using the \ref lash_strdup - * macro. - * - * TODO: We currently call abort on failure, - * this probably needs to be changed. - * - * @param s The string to duplicate. - * @param file The calling file name. - * @param line The calling line number. - * @param function The calling function name. - * @param arg1 A string representation of the argument passed by the caller. - * - * @return A pointer to the duplicated string. - */ -char * -lash_strdup_dbg(const char *s, - const char *file, - int line, - const char *function, - const char *arg1); - -#endif /* LADISH_DEBUG */ - -#endif /* __LASH_SAFETY_H__ */ diff --git a/dbus/method.c b/dbus/method.c index 234cd308..2fdb5881 100644 --- a/dbus/method.c +++ b/dbus/method.c @@ -28,7 +28,6 @@ */ #include "../common.h" -#include "../common/safety.h" #include "helpers.h" #include "method.h" diff --git a/dbus/object_path.c b/dbus/object_path.c index 62c017da..d853ce0d 100644 --- a/dbus/object_path.c +++ b/dbus/object_path.c @@ -29,7 +29,6 @@ #include "../common.h" #include "helpers.h" -#include "../common/safety.h" #include "error.h" /* lash_dbus_error() */ struct dbus_object_path_interface @@ -65,7 +64,15 @@ introspection_new(struct dbus_object_path * opath_ptr) * Create introspection XML data. */ - xml_data = lash_malloc(1, 16384); + /* TODO: we assume that 16 KiB is enough to hold introspection xml. + * If it gets larger, memory corruption will occur. + * Use realloc-like algorithm instead */ + xml_data = malloc(16384); + if (xml_data == NULL) + { + return NULL; + } + buf_ptr = xml_data; write_buf("