summaryrefslogtreecommitdiff
path: root/lib/libc/stdlib
AgeCommit message (Collapse)Author
2009-01-03reintroduce extra malloc protections, but avoiding the use ofDamien Miller
PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the sparc architecture; ok otto@ tested on my reanimated ss20
2008-12-31PAGE_SIZE is not a valid symbol to use in that way. In particular,Theo de Raadt
on sparc, it expands to something that just plain does not work, because the page size can be variable. Sorry we didn't spot this before. Backing it all out to allow sparc to build; please find a different way to fix it.
2008-12-30Remove mprotecting of struct dir_info introduced in previous commitDamien Miller
(MALLOC_OPTIONS=L). It was too slow to turn on by default, and we don't do optional security. requested by deraadt@ grumbling ok otto@
2008-12-29extra paranoia for malloc(3):Damien Miller
Move all runtime options into a structure that is made read-only (via mprotect) after initialisation to protect against attacks that overwrite options to turn off malloc protections (e.g. use-after-free) Allocate the main bookkeeping data (struct dir_info) using mmap(), thereby giving it an unpredictable address. Place a PROT_NONE guard page on either side to further frustrate attacks on it. Add a new 'L' option that maps struct dir_info PROT_NONE except when in the allocator code itself. Makes attacks on it basically impossible. feedback tedu deraadt otto canacar ok otto
2008-12-15shave off more bytes than you expect by declaring a few const local arraysOtto Moerbeek
as static const
2008-11-26Fix typo, okay jmc@.Pedro Martelletto
2008-11-20move allocations between half a page and a page as close to the end ofOtto Moerbeek
the page as possible (i.e. make malloc option P a default). ok art@ millert@ krw@
2008-11-20Reduce the leeway malloc allows when moving allocations to the end ofOtto Moerbeek
a page to 0. P default will be changed in a separate commit. ok millert@ art@ krw@
2008-11-13To allow for easier playing with more strict settings introduceOtto Moerbeek
a separate symbolic constant for the leeway we allow when moving allocations towards the end of a page. No functional change.
2008-11-12avoid a few strlen calls for constant strings; prompted by tg; ok djm@Otto Moerbeek
2008-11-06if the freeprot flag (F) is set, do not do delayed frees for chunksOtto Moerbeek
(might catch errors closer to the trouble spot) and junk fill pages just before reuse instead of immediate (we can't access the page anyway) since we set PROT_NONE in the F case. ok djm@
2008-11-02fix markup of example line and description of G flag; partly from andOtto Moerbeek
ok jmc@
2008-11-02remove distinction between warnings and errors, ok deraadt@ djm@Otto Moerbeek
2008-10-29if MALLOC_STATS is defined, record how many "cheap reallocs" wereOtto Moerbeek
tried and how many actually succeeded.
2008-10-20oops, assign errno the right way. caught by david running regress testsOtto Moerbeek
2008-10-03reduce rbyte cache to 512 bytes, no measurable slowdown (even in theOtto Moerbeek
threaded case) but much smaller working set; prompted by and ok deraadt@
2008-10-03save and restore errno on success. while it is not stricly needed forOtto Moerbeek
non-syscalls, there's just too much code not doing the right thing on error paths; prompted by and ok deraadt@
2008-10-03when increasing the size of a larger than a page allocation tryOtto Moerbeek
mapping the region next to the existing one first; there's a pretty high chance there's a hole there we can use; ok deraadt@ tedu@
2008-10-03avoid spitting up regions when purging stuff from the cache, it putsOtto Moerbeek
too much pressure on the amaps. ok tedu@ deraadt@
2008-09-13document strtold. ok millert@Martynas Venckus
2008-09-13strtof has been introduced in c99Martynas Venckus
from Thomas Pfaff. ok millert@
2008-09-07- replace dtoa w/ David's gdtoa, version 2008-03-15Martynas Venckus
- provide proper dtoa locks - use the real strtof implementation - add strtold, __hdtoa, __hldtoa - add %a/%A support - don't lose precision in printf, don't round to double anymore - implement extended-precision versions of libc functions: fpclassify, isnan, isinf, signbit, isnormal, isfinite, now that the ieee.h is fixed - separate vax versions of strtof, and __hdtoa - add complex math support. added functions: cacos, casin, catan, ccos, csin, ctan, cacosh, casinh, catanh, ccosh, csinh, ctanh, cexp, clog, cabs, cpow, csqrt, carg, cimag, conj, cproj, creal, cacosf, casinf, catanf, ccosf, csinf, ctanf, cacoshf, casinhf, catanhf, ccoshf, csinhf, ctanhf, cexpf, clogf, cabsf, cpowf, csqrtf, cargf, cimagf, conjf, cprojf, crealf - add fdim, fmax, fmin - add log2. (adapted implementation e_log.c. could be more acruate & faster, but it's good enough for now) - remove wrappers & cruft in libm, supposed to work-around mistakes in SVID, etc.; use ieee versions. fixes issues in python 2.6 for djm@ - make _digittoint static - proper definitions for i386, and amd64 in ieee.h - sh, powerpc don't really have extended-precision - add missing definitions for mips64 (quad), m{6,8}k (96-bit) float.h for LDBL_* - merge lead to frac for m{6,8}k, for gdtoa to work properly - add FRAC*BITS & EXT_TO_ARRAY32 definitions in ieee.h, for hdtoa&ldtoa to use - add EXT_IMPLICIT_NBIT definition, which indicates implicit normalization bit - add regression tests for libc: fpclassify and printf - arith.h & gd_qnan.h definitions - update ieee.h: hppa doesn't have quad-precision, hppa64 does - add missing prototypes to gdtoaimp - on 64-bit platforms make sure gdtoa doesn't use a long when it really wants an int - etc., what i may have forgotten... - bump libm major, due to removed&changed symbols - no libc bump, since this is riding on djm's libc major crank from a day ago discussed with / requested by / testing theo, sthen@, djm@, jsg@, merdely@, jsing@, tedu@, brad@, jakemsr@, and others. looks good to millert@ parts of the diff ok kettenis@ this commit does not include: - man page changes
2008-09-03remove now obsolete calloc implementation; prompted by miodOtto Moerbeek
2008-08-25Make all combinations of G, P, J and zero-fill work with as littleOtto Moerbeek
effort as possible in most cases; ok djm@
2008-08-23unbreak MALLOC_OPTIONS=G that I broke in my last commit;Damien Miller
slightly kludgey solution for until otto fixes it properly; ok otto@
2008-08-23fix calloc() for MALLOC_OPTIONS=J case: SOME_JUNK was being filled intoDamien Miller
the freshly mmaped pages disrupting their pure zeroness; ok otto@ deraadt@
2008-08-22make sure we always map and unmap multiples of MALLOC_PAGESIZE;Otto Moerbeek
case spotted by beck, one by me; ok deraadt@ beck@
2008-08-22Smarter implementation of calloc(3), which uses the fact that mmap(2)Otto Moerbeek
returns zero filled pages; remember to replace this function as well if you provide your own malloc implementation; ok djm@ deraadt@
2008-08-07small cleanup of error/warning stringsOtto Moerbeek
2008-07-28man page bits for new malloc; ok jmc@Otto Moerbeek
2008-07-28Almost complete rewrite of malloc, to have a more efficient dataOtto Moerbeek
structure of tracking pages returned by mmap(). Lots of testing by lots of people, thanks to you all. ok djm@ (for a slighly earlier version) deraadt@
2008-06-26First pass at removing clauses 3 and 4 from NetBSD licenses.Ray Lai
Not sure what's more surprising: how long it took for NetBSD to catch up to the rest of the BSDs (including UCB), or the amount of code that NetBSD has claimed for itself without attributing to the actual authors. OK deraadt@
2008-06-13grammar fixes;Jason McIntyre
2008-06-13remove _MALLOC_LOCK_INIT; major bump; ok deraadt@Otto Moerbeek
2008-06-13Add strtof() to libc, some ports seem to like it. Currently it's a simpleLandry Breuil
call to strtod() with bounding check. Discussed with pyr@ and otto@ ok otto@ deraadt@
2008-05-20kill an Xr to a non-existent man page, ulimit(1);Jason McIntyre
2008-05-19remove recalloc(3); it is buggy and impossible to repair without bigOtto Moerbeek
costs; ok jmc@ for the man page bits; ok millert@ deraadt@
2008-04-13Use arc4random_buf() when requesting more than a single word of outputDamien Miller
Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
2008-04-04- do not call pthread_atfork(3) handlers when a multithreaded programKurt Miller
calls vfork(2). "untested, but looks OK" marc@ - document vfork(2), popen(3) and system(3) don't call atfork handlers in multithreaded programs. okay jmc@
2008-02-20use pgfree pool like other code does to reserve free list slots.Otto Moerbeek
prevents a few "cannot free mem because i need mem to free mem" scenarios (one found by weingart@). ok weingart@ millert@ miod@
2007-11-13Put limits.h in front of stdlib.h as style(9) recommends.Tobias Stoeckmann
OK millert@
2007-11-11strtod may return HUGE_VAL on overflow, which is defined in math.h.Tobias Stoeckmann
Therefore added math.h to SYNPOSIS. OK millert@
2007-10-31Add parentheses to avoid warning:Charles Longeau
"suggest parentheses around && within ||" ok millert@
2007-09-05Add missing header to avoid warningCharles Longeau
ok millert@ ray@
2007-09-05no need to talk about bits; ok millert jmcTheo de Raadt
2007-09-03Update free(3) section--we use mmap()/munmap(), not brk().Todd C. Miller
Based on a diff from Mike Belopuhov. OK jmc@
2007-09-03Add __cxa_atexit() support for gcc3. This provides support for shared ↵Todd C. Miller
object destructors called at dlclose() time. Inspired by similar changes in FreeBSD and NetBSD.
2007-09-03add recaloc(3)Todd C. Miller
2007-09-02use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsgTheo de Raadt
2007-08-08Clarify the example about avoiding overflow. OK ray@ deraadt@Todd C. Miller