| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
This avoids undefined behavior when subtracting pointers to
objects containing more than PTRDIFF_MAX bytes.
* lib/xalloc-oversized.h (__xalloc_oversized, xalloc_oversized):
Also return 1 if the result would exceed PTRDIFF_MAX>
* modules/xalloc-oversized (Depends-on):
Add stdint.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unlike the bulk of xalloc* which calls exit() on allocation failure,
and thus is unacceptable in a library, the xalloc-oversized.h header
is a mere macro that makes checks for allocation overflow possible in
all sorts of portable code. In fact, the LGPLv2+ module malloca
already has a copy of this check, arguing that this header is more
useful under a permissive license. See also this thread.
https://lists.gnu.org/archive/html/bug-gnulib/2013-05/msg00092.html
* modules/xalloc-oversized (License): Change from GPLv3+.
Signed-off-by: Eric Blake <eblake@redhat.com>
|
|
Due to inline functions, mere inclusion of xalloc.h can result
in a link dependency on xalloc_die() on some platforms. However,
there are several modules that want to use just xalloc_oversized
in order to short-circuit the potential to call xalloc_die.
Splitting the macro into a new header and module makes this easy.
* modules/xalloc-oversized: New module.
* modules/xalloc (Depends-on): Add it.
* lib/xalloc.h (xalloc_oversized): Move...
* lib/xalloc-oversized.h: ...into new file.
Signed-off-by: Eric Blake <eblake@redhat.com>
|