This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v4] Add reallocarray function.
- From: DJ Delorie <dj at redhat dot com>
- To: Dennis Wölfing <denniswoelfing at gmx dot de>
- Cc: libc-alpha at sourceware dot org, fweimer at redhat dot com
- Date: Thu, 11 May 2017 13:28:40 -0400
- Subject: Re: [PATCH v4] Add reallocarray function.
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dj at redhat dot com
- Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com B18C9C04B951
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com B18C9C04B951
Dennis Wlfing <denniswoelfing@gmx.de> writes:
>>> diff --git a/malloc/reallocarray.c b/malloc/reallocarray.c
>>> +void *
>>> +__libc_reallocarray (void *optr, size_t nmemb, size_t elem_size)
>
> The header include/stdlib.h (not to be confused with stdlib/stdlib.h) is
> an internal glibc header. It declares the function prefixed with __libc_
> so that other glibc functions can call it without causing namespace
> problems. In the public headers only reallocarray is declared which is a
> weak alias for __libc_reallocarray.
I was mostly concerned with the __THROW differences. I've seen those
cause problems in the past.
> The check_mul_overflow_size_t function was put in the new
> malloc-private.h header because malloc-internal.h is also used in other
> parts of glibc.
I have no problems with other parts of glibc seeing it, as long as it
has a suitable name. I'm just trying to avoid having too many headers
without a good reason for them.
>>> + /* Overflow should leave buffer untouched. */
>>
>> This requirement isn't documented anywhere...
>
> The reallocarray documentation says that reallocarray is equivalent to
> realloc(ptr, nmemb*size) and the realloc documentation says it does not
> modify the memory block on failure.
True, but overflow is a new condition that realloc doesn't have, that's
all, and since overflow checking is the *reason* for reallocarray, it
makes sense to clarify how it works.