Re: [PATCH v4] Add reallocarray function.

[Dennis Wölfing <denniswoelfing at gmx dot de>]

On 11.05.2017 19:28, DJ Delorie wrote:> Dennis Wlfing
<denniswoelfing@gmx.de> writes:
>>>> diff --git a/malloc/reallocarray.c b/malloc/reallocarray.c
>>>> +void *
>>>> +__libc_reallocarray (void *optr, size_t nmemb, size_t elem_size)
>>
>> The header include/stdlib.h (not to be confused with stdlib/stdlib.h) is
>> an internal glibc header. It declares the function prefixed with __libc_
>> so that other glibc functions can call it without causing namespace
>> problems. In the public headers only reallocarray is declared which is a
>> weak alias for __libc_reallocarray.
> 
> I was mostly concerned with the __THROW differences.  I've seen those
> cause problems in the past.

Okay, I will add the __THROW.

>> The check_mul_overflow_size_t function was put in the new
>> malloc-private.h header because malloc-internal.h is also used in other
>> parts of glibc.
> 
> I have no problems with other parts of glibc seeing it, as long as it
> has a suitable name.  I'm just trying to avoid having too many headers
> without a good reason for them.

So putting check_mul_overflow_size_t() into malloc-internal.h is
preferred over malloc-private.h?

>>>> +  /* Overflow should leave buffer untouched.  */
>>>
>>> This requirement isn't documented anywhere...
>>
>> The reallocarray documentation says that reallocarray is equivalent to
>> realloc(ptr, nmemb*size) and the realloc documentation says it does not
>> modify the memory block on failure.
> 
> True, but overflow is a new condition that realloc doesn't have, that's
> all, and since overflow checking is the *reason* for reallocarray, it
> makes sense to clarify how it works.
>