From 1d055ac3fec5929f47ea6a3148c8f64815cbb220 Mon Sep 17 00:00:00 2001
From: Paul Moore <paul@paul-moore.com>
Date: Fri, 17 Feb 2017 15:57:56 -0500
Subject: all: introduce a zmalloc() helper function

Signed-off-by: Paul Moore <paul@paul-moore.com>
---
 src/Makefile.am |  2 +-
 src/db.c        | 38 +++++++++++++-------------------------
 src/gen_bpf.c   | 11 ++++-------
 src/gen_pfc.c   |  4 ++--
 src/helper.c    | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 src/helper.h    | 27 +++++++++++++++++++++++++++
 6 files changed, 96 insertions(+), 35 deletions(-)
 create mode 100644 src/helper.c
 create mode 100644 src/helper.h

diff --git a/src/Makefile.am b/src/Makefile.am
index e489cec..09d454e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -22,7 +22,7 @@ SUBDIRS += python
 endif
 
 SOURCES_ALL = \
-	api.c system.h system.c \
+	api.c system.h system.c helper.h helper.c \
 	gen_pfc.h gen_pfc.c gen_bpf.h gen_bpf.c \
 	hash.h hash.c \
 	db.h db.c \
diff --git a/src/db.c b/src/db.c
index 37f013c..946d47c 100644
--- a/src/db.c
+++ b/src/db.c
@@ -31,6 +31,7 @@
 #include "arch.h"
 #include "db.h"
 #include "system.h"
+#include "helper.h"
 
 /* state values */
 #define _DB_STA_VALID			0xA1B2C3D4
@@ -400,15 +401,12 @@ static struct db_filter *_db_init(const struct arch_def *arch)
 {
 	struct db_filter *db;
 
-	db = malloc(sizeof(*db));
+	db = zmalloc(sizeof(*db));
 	if (db == NULL)
 		return NULL;
 
-	/* clear the buffer for the first time and set the arch */
-	memset(db, 0, sizeof(*db));
+	/* set the arch and reset the DB to a known state */
 	db->arch = arch;
-
-	/* reset the DB to a known state */
 	_db_reset(db);
 
 	return db;
@@ -491,10 +489,9 @@ static int _db_syscall_priority(struct db_filter *db,
 	}
 
 	/* no existing syscall entry - create a phantom entry */
-	s_new = malloc(sizeof(*s_new));
+	s_new = zmalloc(sizeof(*s_new));
 	if (s_new == NULL)
 		return -ENOMEM;
-	memset(s_new, 0, sizeof(*s_new));
 	s_new->num = syscall;
 	s_new->priority = sys_pri;
 	s_new->valid = false;
@@ -608,13 +605,10 @@ struct db_filter_col *db_col_init(uint32_t def_action)
 {
 	struct db_filter_col *col;
 
-	col = malloc(sizeof(*col));
+	col = zmalloc(sizeof(*col));
 	if (col == NULL)
 		return NULL;
 
-	/* clear the buffer for the first time */
-	memset(col, 0, sizeof(*col));
-
 	/* reset the DB to a known state */
 	if (db_col_reset(col, def_action) < 0)
 		goto init_failure;
@@ -1019,10 +1013,9 @@ static struct db_sys_list *_db_rule_gen_64(const struct arch_def *arch,
 	struct db_arg_chain_tree *c_prev_hi = NULL, *c_prev_lo = NULL;
 	bool tf_flag;
 
-	s_new = malloc(sizeof(*s_new));
+	s_new = zmalloc(sizeof(*s_new));
 	if (s_new == NULL)
 		return NULL;
-	memset(s_new, 0, sizeof(*s_new));
 	s_new->num = syscall;
 	s_new->valid = true;
 	/* run through the argument chain */
@@ -1037,17 +1030,15 @@ static struct db_sys_list *_db_rule_gen_64(const struct arch_def *arch,
 		    !_db_arg_cmp_need_lo(&chain[iter]))
 			continue;
 
-		c_iter_hi = malloc(sizeof(*c_iter_hi));
+		c_iter_hi = zmalloc(sizeof(*c_iter_hi));
 		if (c_iter_hi == NULL)
 			goto gen_64_failure;
-		memset(c_iter_hi, 0, sizeof(*c_iter_hi));
 		c_iter_hi->refcnt = 1;
-		c_iter_lo = malloc(sizeof(*c_iter_lo));
+		c_iter_lo = zmalloc(sizeof(*c_iter_lo));
 		if (c_iter_lo == NULL) {
 			free(c_iter_hi);
 			goto gen_64_failure;
 		}
-		memset(c_iter_lo, 0, sizeof(*c_iter_lo));
 		c_iter_lo->refcnt = 1;
 
 		/* link this level to the previous level */
@@ -1154,10 +1145,9 @@ static struct db_sys_list *_db_rule_gen_32(const struct arch_def *arch,
 	struct db_arg_chain_tree *c_iter = NULL, *c_prev = NULL;
 	bool tf_flag;
 
-	s_new = malloc(sizeof(*s_new));
+	s_new = zmalloc(sizeof(*s_new));
 	if (s_new == NULL)
 		return NULL;
-	memset(s_new, 0, sizeof(*s_new));
 	s_new->num = syscall;
 	s_new->valid = true;
 	/* run through the argument chain */
@@ -1169,10 +1159,9 @@ static struct db_sys_list *_db_rule_gen_32(const struct arch_def *arch,
 		if (!_db_arg_cmp_need_lo(&chain[iter]))
 			continue;
 
-		c_iter = malloc(sizeof(*c_iter));
+		c_iter = zmalloc(sizeof(*c_iter));
 		if (c_iter == NULL)
 			goto gen_32_failure;
-		memset(c_iter, 0, sizeof(*c_iter));
 		c_iter->refcnt = 1;
 		c_iter->arg = chain[iter].arg;
 		c_iter->arg_offset = arch_arg_offset(arch, c_iter->arg);
@@ -1589,10 +1578,9 @@ int db_col_rule_add(struct db_filter_col *col,
 
 	/* collect the arguments for the filter rule */
 	chain_size = sizeof(*chain) * ARG_COUNT_MAX;
-	chain = malloc(chain_size);
+	chain = zmalloc(chain_size);
 	if (chain == NULL)
 		return -ENOMEM;
-	memset(chain, 0, chain_size);
 	for (iter = 0; iter < arg_cnt; iter++) {
 		arg_data = arg_array[iter];
 		arg_num = arg_data.arg;
@@ -1655,10 +1643,10 @@ int db_col_transaction_start(struct db_filter_col *col)
 	struct db_api_rule_list *rule_o, *rule_s;
 
 	/* allocate the snapshot */
-	snap = malloc(sizeof(*snap));
+	snap = zmalloc(sizeof(*snap));
 	if (snap == NULL)
 		return -ENOMEM;
-	snap->filters = malloc(sizeof(struct db_filter *) * col->filter_cnt);
+	snap->filters = zmalloc(sizeof(struct db_filter *) * col->filter_cnt);
 	if (snap->filters == NULL) {
 		free(snap);
 		return -ENOMEM;
diff --git a/src/gen_bpf.c b/src/gen_bpf.c
index 2418a1a..65e96c4 100644
--- a/src/gen_bpf.c
+++ b/src/gen_bpf.c
@@ -39,6 +39,7 @@
 #include "db.h"
 #include "hash.h"
 #include "system.h"
+#include "helper.h"
 
 /* allocation increments */
 #define AINC_BLK			2
@@ -314,11 +315,9 @@ static struct bpf_blk *_blk_alloc(void)
 {
 	struct bpf_blk *blk;
 
-	blk = malloc(sizeof(*blk));
+	blk = zmalloc(sizeof(*blk));
 	if (blk == NULL)
 		return NULL;
-
-	memset(blk, 0, sizeof(*blk));
 	blk->flag_unique = true;
 	blk->acc_start = _ACC_STATE_UNDEF;
 	blk->acc_end = _ACC_STATE_UNDEF;
@@ -568,10 +567,9 @@ static int _hsh_add(struct bpf_state *state, struct bpf_blk **blk_p,
 	if (blk->flag_hash)
 		return 0;
 
-	h_new = malloc(sizeof(*h_new));
+	h_new = zmalloc(sizeof(*h_new));
 	if (h_new == NULL)
 		return -ENOMEM;
-	memset(h_new, 0, sizeof(*h_new));
 
 	/* generate the hash */
 	h_val = jhash(blk->blks, _BLK_MSZE(blk), 0);
@@ -1932,10 +1930,9 @@ struct bpf_program *gen_bpf_generate(const struct db_filter_col *col)
 	memset(&state, 0, sizeof(state));
 	state.attr = &col->attr;
 
-	state.bpf = malloc(sizeof(*(state.bpf)));
+	state.bpf = zmalloc(sizeof(*(state.bpf)));
 	if (state.bpf == NULL)
 		return NULL;
-	memset(state.bpf, 0, sizeof(*(state.bpf)));
 
 	rc = _gen_bpf_build_bpf(&state, col);
 	if (rc < 0)
diff --git a/src/gen_pfc.c b/src/gen_pfc.c
index b9c122e..0215ee8 100644
--- a/src/gen_pfc.c
+++ b/src/gen_pfc.c
@@ -34,6 +34,7 @@
 #include "arch.h"
 #include "db.h"
 #include "gen_pfc.h"
+#include "helper.h"
 
 struct pfc_sys_list {
 	struct db_sys_list *sys;
@@ -270,12 +271,11 @@ static int _gen_pfc_arch(const struct db_filter_col *col,
 
 	/* sort the syscall list */
 	db_list_foreach(s_iter, db->syscalls) {
-		p_new = malloc(sizeof(*p_new));
+		p_new = zmalloc(sizeof(*p_new));
 		if (p_new == NULL) {
 			rc = -ENOMEM;
 			goto arch_return;
 		}
-		memset(p_new, 0, sizeof(*p_new));
 		p_new->sys = s_iter;
 
 		p_prev = NULL;
diff --git a/src/helper.c b/src/helper.c
new file mode 100644
index 0000000..c746749
--- /dev/null
+++ b/src/helper.c
@@ -0,0 +1,49 @@
+/**
+ * Helper functions for libseccomp
+ *
+ * Copyright (c) 2017 Red Hat <pmoore@redhat.com>
+ * Author: Paul Moore <paul@paul-moore.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "helper.h"
+
+/**
+ * Allocate memory
+ * @param size the size of the buffer to allocate
+ *
+ * This function allocates a buffer of the given size, initializes it to zero,
+ * and returns a pointer to buffer on success.  NULL is returned on failure.
+ *
+ */
+void *zmalloc(size_t size)
+{
+	void *ptr;
+
+	/* NOTE: unlike malloc() zero size allocations always return NULL */
+	if (size == 0)
+		return NULL;
+
+	ptr = malloc(size);
+	if (!ptr)
+		return NULL;
+	memset(ptr, 0, size);
+
+	return ptr;
+}
diff --git a/src/helper.h b/src/helper.h
new file mode 100644
index 0000000..2d610ce
--- /dev/null
+++ b/src/helper.h
@@ -0,0 +1,27 @@
+/**
+ * Helper functions for libseccomp
+ *
+ * Copyright (c) 2017 Red Hat <pmoore@redhat.com>
+ * Author: Paul Moore <paul@paul-moore.com>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#ifndef _FILTER_HELPER_H
+#define _FILTER_HELPER_H
+
+void *zmalloc(size_t size);
+
+#endif
-- 
cgit v1.2.1