From 82298afa0339769e2cfc282c4daff0d10132f2bc Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Fri, 26 May 2023 07:18:56 -0700 Subject: [PATCH] maint: prefer signed sizes for allocation * src/analyze.c (discard_confusing_lines, diff_2_files): * src/cmp.c (main): * src/diff.c (main, add_regexp): * src/diff3.c (read_diff): * src/dir.c (dir_read): * src/io.c (slurp, find_and_hash_each_line, find_identical_ends): * src/sdiff.c (lf_init, diffarg): Prefer ximalloc to xmalloc, etc. Also prefer letting the xmalloc.c functions multiply (with overflow checking) than doing it by hand (without). --- src/analyze.c | 14 +++++++------- src/cmp.c | 2 +- src/diff.c | 12 +++++------- src/diff3.c | 2 +- src/dir.c | 2 +- src/io.c | 38 +++++++++++++++++++------------------- src/sdiff.c | 6 +++--- 7 files changed, 37 insertions(+), 39 deletions(-) diff --git a/src/analyze.c b/src/analyze.c index 79e4af6..b9e4952 100644 --- a/src/analyze.c +++ b/src/analyze.c @@ -51,8 +51,8 @@ static void discard_confusing_lines (struct file_data filevec[]) { /* Allocate our results. */ - lin *p = xmalloc ((filevec[0].buffered_lines + filevec[1].buffered_lines) - * (2 * sizeof *p)); + lin *p = xinmalloc (filevec[0].buffered_lines + filevec[1].buffered_lines, + 2 * sizeof *p); for (int f = 0; f < 2; f++) { filevec[f].undiscarded = p; p += filevec[f].buffered_lines; @@ -62,7 +62,7 @@ discard_confusing_lines (struct file_data filevec[]) /* Set up equiv_count[F][I] as the number of lines in file F that fall in equivalence class I. */ - p = xcalloc (filevec[0].equiv_max, 2 * sizeof *p); + p = xicalloc (filevec[0].equiv_max, 2 * sizeof *p); lin *equiv_count[2]; equiv_count[0] = p; equiv_count[1] = p + filevec[0].equiv_max; @@ -75,8 +75,8 @@ discard_confusing_lines (struct file_data filevec[]) /* Set up tables of which lines are going to be discarded. */ char *discarded[2]; - discarded[0] = xzalloc (filevec[0].buffered_lines - + filevec[1].buffered_lines); + discarded[0] = xizalloc (filevec[0].buffered_lines + + filevec[1].buffered_lines); discarded[1] = discarded[0] + filevec[0].buffered_lines; /* Mark to be discarded each line that matches no line of the other file. @@ -488,7 +488,7 @@ diff_2_files (struct comparison *cmp) buffer_lcm (blksize[0], blksize[1], lcm_max), lcm_max); for (int f = 0; f < 2; f++) - cmp->file[f].buffer = xrealloc (cmp->file[f].buffer, buffer_size); + cmp->file[f].buffer = xirealloc (cmp->file[f].buffer, buffer_size); for (;; cmp->file[0].buffered = cmp->file[1].buffered = 0) { @@ -545,7 +545,7 @@ diff_2_files (struct comparison *cmp) ctxt.yvec = cmp->file[1].undiscarded; lin diags = (cmp->file[0].nondiscarded_lines + cmp->file[1].nondiscarded_lines + 3); - ctxt.fdiag = xmalloc (diags * (2 * sizeof *ctxt.fdiag)); + ctxt.fdiag = xinmalloc (diags, 2 * sizeof *ctxt.fdiag); ctxt.bdiag = ctxt.fdiag + diags; ctxt.fdiag += cmp->file[1].nondiscarded_lines + 1; ctxt.bdiag += cmp->file[1].nondiscarded_lines + 1; diff --git a/src/cmp.c b/src/cmp.c index f8dec98..0289b72 100644 --- a/src/cmp.c +++ b/src/cmp.c @@ -368,7 +368,7 @@ main (int argc, char **argv) /* Allocate word-aligned buffers, with space for sentinels at the end. */ idx_t words_per_buffer = (buf_size + 2 * sizeof (word) - 1) / sizeof (word); - buffer[0] = xmalloc (2 * sizeof (word) * words_per_buffer); + buffer[0] = xinmalloc (words_per_buffer, 2 * sizeof (word)); buffer[1] = buffer[0] + words_per_buffer; int exit_status = cmp (); diff --git a/src/diff.c b/src/diff.c index 1a4ad9a..520eaef 100644 --- a/src/diff.c +++ b/src/diff.c @@ -409,13 +409,11 @@ main (int argc, char **argv) "#else /* @ */\n" "%>" "#endif /* @ */\n"); + int nats = 7; /* 7 "@"s are in C_ifdef_group_formats. */ - idx_t alloc = strlen (optarg); - if (ckd_mul (&alloc, 7, alloc) - || ckd_add (&alloc, alloc, - sizeof C_ifdef_group_formats - 7 /* 7*"@" */)) - xalloc_die (); - char *b = ximalloc (alloc); + char *b = xinmalloc (((sizeof C_ifdef_group_formats + 1) / nats + + strlen (optarg)), + nats); char *base = b; int changes = 0; @@ -903,7 +901,7 @@ add_regexp (struct regexp_list *reglist, char const *pattern) while (size <= newlen); reglist->size = size; - reglist->regexps = regexps = xrealloc (regexps, size); + reglist->regexps = regexps = xirealloc (regexps, size); } if (multiple_regexps) { diff --git a/src/diff3.c b/src/diff3.c index 335d6af..fd54e19 100644 --- a/src/diff3.c +++ b/src/diff3.c @@ -1229,7 +1229,7 @@ read_diff (char const *filea, perror_with_exit (_("read failed")); break; } - if (PTRDIFF_MAX / 2 <= current_chunk_size) + if (IDX_MAX / 2 <= current_chunk_size) xalloc_die (); current_chunk_size *= 2; diff_result = xirealloc (diff_result, current_chunk_size); diff --git a/src/dir.c b/src/dir.c index 374db95..ba9403b 100644 --- a/src/dir.c +++ b/src/dir.c @@ -97,7 +97,7 @@ dir_read (struct file_data const *dir, struct dirdata *dirdata) while (data_alloc - data_used < d_size) { - if (PTRDIFF_MAX / 2 <= data_alloc) + if (IDX_MAX / 2 <= data_alloc) xalloc_die (); dirdata->data = data = xirealloc (data, data_alloc *= 2); } diff --git a/src/io.c b/src/io.c index 016b4d9..e2f6bc0 100644 --- a/src/io.c +++ b/src/io.c @@ -220,7 +220,7 @@ slurp (struct file_data *current) if (IDX_MAX / 2 - sizeof (word) < current->bufsize) xalloc_die (); current->bufsize *= 2; - current->buffer = xrealloc (current->buffer, current->bufsize); + current->buffer = xirealloc (current->buffer, current->bufsize); file_block_read (current, current->bufsize - current->buffered); } @@ -228,7 +228,7 @@ slurp (struct file_data *current) sentinel, plus word-alignment. */ idx_t cc = current->buffered + 2 * sizeof (word); current->bufsize = cc - cc % sizeof (word); - current->buffer = xrealloc (current->buffer, current->bufsize); + current->buffer = xirealloc (current->buffer, current->bufsize); } } @@ -245,7 +245,7 @@ find_and_hash_each_line (struct file_data *current) lin alloc_lines = current->alloc_lines; lin line = 0; lin linbuf_base = current->linbuf_base; - lin *cureqs = xmalloc (alloc_lines * sizeof *cureqs); + lin *cureqs = xinmalloc (alloc_lines, sizeof *cureqs); struct equivclass *eqs = equivs; lin eqs_index = equivs_index; lin eqs_alloc = equivs_alloc; @@ -381,10 +381,10 @@ find_and_hash_each_line (struct file_data *current) i = eqs_index++; if (i == eqs_alloc) { - if (PTRDIFF_MAX / (2 * sizeof *eqs) <= eqs_alloc) + if (IDX_MAX / (2 * sizeof *eqs) <= eqs_alloc) xalloc_die (); eqs_alloc *= 2; - eqs = xrealloc (eqs, eqs_alloc * sizeof *eqs); + eqs = xirealloc (eqs, eqs_alloc * sizeof *eqs); } eqs[i].next = *bucket; eqs[i].hash = h; @@ -420,15 +420,15 @@ find_and_hash_each_line (struct file_data *current) if (line == alloc_lines) { /* Double (alloc_lines - linbuf_base) by adding to alloc_lines. */ - if (PTRDIFF_MAX / 3 <= alloc_lines - || PTRDIFF_MAX / sizeof *cureqs <= 2 * alloc_lines - linbuf_base - || PTRDIFF_MAX / sizeof *linbuf <= alloc_lines - linbuf_base) + if (IDX_MAX / 3 <= alloc_lines + || IDX_MAX / sizeof *cureqs <= 2 * alloc_lines - linbuf_base + || IDX_MAX / sizeof *linbuf <= alloc_lines - linbuf_base) xalloc_die (); alloc_lines = 2 * alloc_lines - linbuf_base; - cureqs = xrealloc (cureqs, alloc_lines * sizeof *cureqs); + cureqs = xirealloc (cureqs, alloc_lines * sizeof *cureqs); linbuf += linbuf_base; - linbuf = xrealloc (linbuf, - (alloc_lines - linbuf_base) * sizeof *linbuf); + linbuf = xirealloc (linbuf, + (alloc_lines - linbuf_base) * sizeof *linbuf); linbuf -= linbuf_base; } linbuf[line] = ip; @@ -446,14 +446,14 @@ find_and_hash_each_line (struct file_data *current) if (line == alloc_lines) { /* Double (alloc_lines - linbuf_base) by adding to alloc_lines. */ - if (PTRDIFF_MAX / 3 <= alloc_lines - || PTRDIFF_MAX / sizeof *cureqs <= 2 * alloc_lines - linbuf_base - || PTRDIFF_MAX / sizeof *linbuf <= alloc_lines - linbuf_base) + if (IDX_MAX / 3 <= alloc_lines + || IDX_MAX / sizeof *cureqs <= 2 * alloc_lines - linbuf_base + || IDX_MAX / sizeof *linbuf <= alloc_lines - linbuf_base) xalloc_die (); alloc_lines = 2 * alloc_lines - linbuf_base; linbuf += linbuf_base; - linbuf = xrealloc (linbuf, - (alloc_lines - linbuf_base) * sizeof *linbuf); + linbuf = xirealloc (linbuf, + (alloc_lines - linbuf_base) * sizeof *linbuf); linbuf -= linbuf_base; } linbuf[line] = p; @@ -692,7 +692,7 @@ find_identical_ends (struct file_data filevec[]) lin prefix_mask = prefix_count - 1; lin lines = 0; - char const **linbuf0 = xmalloc (alloc_lines0 * sizeof *linbuf0); + char const **linbuf0 = xinmalloc (alloc_lines0, sizeof *linbuf0); bool prefix_needed = ! (no_diff_means_no_output && filevec[0].prefix_end == p0 && filevec[1].prefix_end == p1); @@ -707,10 +707,10 @@ find_identical_ends (struct file_data filevec[]) lin l = lines++ & prefix_mask; if (l == alloc_lines0) { - if (PTRDIFF_MAX / (2 * sizeof *linbuf0) <= alloc_lines0) + if (IDX_MAX / (2 * sizeof *linbuf0) <= alloc_lines0) xalloc_die (); alloc_lines0 *= 2; - linbuf0 = xrealloc (linbuf0, alloc_lines0 * sizeof *linbuf0); + linbuf0 = xirealloc (linbuf0, alloc_lines0 * sizeof *linbuf0); } linbuf0[l] = p0; while (*p0++ != '\n') diff --git a/src/sdiff.c b/src/sdiff.c index 6cebc6d..8678adf 100644 --- a/src/sdiff.c +++ b/src/sdiff.c @@ -361,7 +361,7 @@ static void lf_init (struct line_filter *lf, FILE *infile) { lf->infile = infile; - lf->bufpos = lf->buffer = lf->buflim = xmalloc (SDIFF_BUFSIZE + 1); + lf->bufpos = lf->buffer = lf->buflim = ximalloc (SDIFF_BUFSIZE + 1); lf->buflim[0] = '\n'; } @@ -712,11 +712,11 @@ diffarg (char const *a) { if (! diffarglim) diffarglim = 16; - else if (PTRDIFF_MAX / (2 * sizeof *diffargv) <= diffarglim) + else if (IDX_MAX / (2 * sizeof *diffargv) <= diffarglim) xalloc_die (); else diffarglim *= 2; - diffargv = xrealloc (diffargv, diffarglim * sizeof *diffargv); + diffargv = xirealloc (diffargv, diffarglim * sizeof *diffargv); } diffargv[diffargs++] = a; }