diff options
| author | Otto Moerbeek <otto@cvs.openbsd.org> | 2018-11-21 06:57:05 +0000 |
|---|---|---|
| committer | Otto Moerbeek <otto@cvs.openbsd.org> | 2018-11-21 06:57:05 +0000 |
| commit | ce94373d770a9aea0a5dc4a7cf14c167ab60874e (patch) | |
| tree | ae4b5e7ce0cf043db5627e3ec62002539a1d0ed1 | |
| parent | 47d4eedcfd2d0e3da3ab4d691658eba0db6108bc (diff) | |
Introducing malloc_usable_size() was a mistake. While some other
libs have it, it is a function that is considered harmful, so:
Delete malloc_usable_size(). It is a function that blurs the line
between malloc managed memory and application managed memory and
exposes some of the internal workings of malloc. If an application
relies on that, it is likely to break using another implementation
of malloc. If you want usable size x, just allocate x bytes. ok
deraadt@ and other devs
| -rw-r--r-- | include/stdlib.h | 3 | ||||
| -rw-r--r-- | lib/libc/Symbols.list | 1 | ||||
| -rw-r--r-- | lib/libc/hidden/stdlib.h | 3 | ||||
| -rw-r--r-- | lib/libc/shlib_version | 4 | ||||
| -rw-r--r-- | lib/libc/stdlib/malloc.3 | 31 | ||||
| -rw-r--r-- | lib/libc/stdlib/malloc.c | 79 |
6 files changed, 9 insertions, 112 deletions
diff --git a/include/stdlib.h b/include/stdlib.h index b0f3dd14782..7a26ed90e4e 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stdlib.h,v 1.74 2018/11/18 16:15:18 otto Exp $ */ +/* $OpenBSD: stdlib.h,v 1.75 2018/11/21 06:57:04 otto Exp $ */ /* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */ /*- @@ -112,7 +112,6 @@ long labs(long); ldiv_t ldiv(long, long); void *malloc(size_t); #if __BSD_VISIBLE -size_t malloc_usable_size(void *); void freezero(void *, size_t) __attribute__ ((__bounded__(__buffer__,1,2))); void *reallocarray(void *, size_t, size_t); diff --git a/lib/libc/Symbols.list b/lib/libc/Symbols.list index 8210ebcda20..15c4fff6c2b 100644 --- a/lib/libc/Symbols.list +++ b/lib/libc/Symbols.list @@ -1527,7 +1527,6 @@ lldiv lsearch malloc malloc_options -malloc_usable_size _malloc_init mergesort optarg diff --git a/lib/libc/hidden/stdlib.h b/lib/libc/hidden/stdlib.h index 87858ad2738..272e979c26d 100644 --- a/lib/libc/hidden/stdlib.h +++ b/lib/libc/hidden/stdlib.h @@ -1,4 +1,4 @@ -/* $OpenBSD: stdlib.h,v 1.14 2018/11/18 16:15:18 otto Exp $ */ +/* $OpenBSD: stdlib.h,v 1.15 2018/11/21 06:57:04 otto Exp $ */ /* $NetBSD: stdlib.h,v 1.25 1995/12/27 21:19:08 jtc Exp $ */ /*- @@ -105,7 +105,6 @@ PROTO_STD_DEPRECATED(llabs); PROTO_STD_DEPRECATED(lldiv); PROTO_DEPRECATED(lrand48); /*PROTO_NORMAL(malloc); not yet, breaks emacs */ -PROTO_DEPRECATED(malloc_usable_size); PROTO_STD_DEPRECATED(mblen); PROTO_STD_DEPRECATED(mbstowcs); PROTO_STD_DEPRECATED(mbtowc); diff --git a/lib/libc/shlib_version b/lib/libc/shlib_version index 222d38e7d8f..2a599669406 100644 --- a/lib/libc/shlib_version +++ b/lib/libc/shlib_version @@ -1,4 +1,4 @@ -major=92 -minor=8 +major=93 +minor=0 # note: If changes were made to include/thread_private.h or if system # calls were added/changed then librthread/shlib_version also be updated. diff --git a/lib/libc/stdlib/malloc.3 b/lib/libc/stdlib/malloc.3 index c1776f61cb8..c0472ee2b93 100644 --- a/lib/libc/stdlib/malloc.3 +++ b/lib/libc/stdlib/malloc.3 @@ -30,9 +30,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: malloc.3,v 1.119 2018/11/18 16:15:18 otto Exp $ +.\" $OpenBSD: malloc.3,v 1.120 2018/11/21 06:57:04 otto Exp $ .\" -.Dd $Mdocdate: November 18 2018 $ +.Dd $Mdocdate: November 21 2018 $ .Dt MALLOC 3 .Os .Sh NAME @@ -43,8 +43,7 @@ .Nm reallocarray , .Nm recallocarray , .Nm freezero , -.Nm aligned_alloc , -.Nm malloc_usable_size +.Nm aligned_alloc .Nd memory allocation and deallocation .Sh SYNOPSIS .In stdlib.h @@ -65,7 +64,6 @@ .Ft void * .Fn aligned_alloc "size_t alignment" "size_t size" .Ft size_t -.Fn malloc_usable_size "void *ptr" .Vt char *malloc_options ; .Sh DESCRIPTION The standard functions @@ -236,25 +234,6 @@ If is not a multiple of .Fa alignment , behavior is undefined. -.Pp -The -.Fn malloc_usable_size -function returns the actual size of the allocated memory pointed to by -.Va ptr . -If -.Va ptr -is -.Dv NULL , -it returns 0. -If -.Va ptr -was never returned by an allocation function or freed before, -the behavior is undefined. -This function should not be relied upon since it exposes some of the internal -workings of the -.Fn malloc -family of functions. -Writing beyond the requested size introduces undefined behavior. .Sh RETURN VALUES Upon successful completion, the allocation functions return a pointer to the allocated space; otherwise, @@ -640,9 +619,7 @@ function appeared in .Ox 6.2 . The .Fn aligned_alloc -and -.Fn malloc_usable_size -functions appeared in +function appeared in .Ox 6.5 . .Sh CAVEATS When using diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c index 513defccbcb..0912b904b82 100644 --- a/lib/libc/stdlib/malloc.c +++ b/lib/libc/stdlib/malloc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: malloc.c,v 1.253 2018/11/19 22:50:24 guenther Exp $ */ +/* $OpenBSD: malloc.c,v 1.254 2018/11/21 06:57:04 otto Exp $ */ /* * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net> * Copyright (c) 2012 Matthew Dempsky <matthew@openbsd.org> @@ -1466,83 +1466,6 @@ freezero(void *ptr, size_t sz) } DEF_WEAK(freezero); -static size_t -osize(struct dir_info *argpool, void *p) -{ - struct dir_info *pool; - struct region_info *r; - char *saved_function; - size_t sz; - int i; - - pool = argpool; - r = find(pool, p); - if (r == NULL) { - if (mopts.malloc_mt) { - for (i = 0; i < _MALLOC_MUTEXES; i++) { - if (i == argpool->mutex) - continue; - pool->active--; - _MALLOC_UNLOCK(pool->mutex); - pool = mopts.malloc_pool[i]; - _MALLOC_LOCK(pool->mutex); - pool->active++; - r = find(pool, p); - if (r != NULL) { - saved_function = pool->func; - pool->func = argpool->func; - break; - } - } - } - if (r == NULL) - wrterror(argpool, "bogus pointer (double free?) %p", p); - } - - REALSIZE(sz, r); - if (sz > MALLOC_MAXCHUNK) { - if (MALLOC_MOVE_COND(sz)) - sz = MALLOC_PAGESIZE - ((char *)p - (char *)r->p); - else - sz = PAGEROUND(sz); - } - if (argpool != pool) { - pool->active--; - pool->func = saved_function; - _MALLOC_UNLOCK(pool->mutex); - _MALLOC_LOCK(argpool->mutex); - argpool->active++; - } - return sz; -} - -size_t -malloc_usable_size(void *ptr) -{ - struct dir_info *d; - int saved_errno = errno; - size_t sz; - - /* This is legal. */ - if (ptr == NULL) - return 0; - - d = getpool(); - if (d == NULL) - wrterror(d, "malloc_usable_size() called before allocation"); - _MALLOC_LOCK(d->mutex); - d->func = "malloc_usable_size"; - if (d->active++) { - malloc_recurse(d); - return 0; - } - sz = osize(d, ptr); - d->active--; - _MALLOC_UNLOCK(d->mutex); - errno = saved_errno; - return sz; -} - static void * orealloc(struct dir_info *argpool, void *p, size_t newsz, void *f) { |