[PATCH 07/17] Regex: Additional memory management checks.
- From: Arnold Robbins <arnold at skeeve dot com>
- To: carlos at redhat dot com, libc-alpha at sourceware dot org
- Date: Fri, 08 Dec 2017 11:16:59 +0200
- Subject: [PATCH 07/17] Regex: Additional memory management checks.
- Authentication-results: sourceware.org; auth=none
This patch adds several small memory management safety checks.
The last one is particularly important.
2017-11-27 Arnold D. Robbins <arnold@skeeve.com>
* posix/regcomp.c (analyze): Additional memory management
safety checks.
* posix/regexec.c (re_search_internal): Ditto.
* posix/regex_internal.c (re_node_set_alloc): Ditto.
diff --git a/posix/regcomp.c b/posix/regcomp.c
index c1fd23b..83fcc40 100644
--- a/posix/regcomp.c
+++ b/posix/regcomp.c
@@ -1157,7 +1157,11 @@ analyze (regex_t *preg)
|| dfa->eclosures == NULL, 0))
return REG_ESPACE;
+ /* some malloc()-checkers don't like zero allocations */
+ if (preg->re_nsub > 0)
dfa->subexp_map = re_malloc (int, preg->re_nsub);
+ else
+ dfa->subexp_map = NULL;
if (dfa->subexp_map != NULL)
{
int i;
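Review bot: The new comment at the top of this hunk records the tool complaint but not the resulting contract: with `re_nsub == 0` the map is now deliberately NULL, and the `if (dfa->subexp_map != NULL)` test right below treats that exactly like a failed allocation. This is worth stating, because `malloc(0)` may return either NULL or a unique pointer, so the old behaviour varied by allocator. Suggested comment: `/* No subexpressions: leave subexp_map NULL rather than rely on malloc (0), whose result is implementation-defined.  */`. The body of `analyze` continues outside the hunk, so any later reader of `subexp_map` not visible here should be checked for tolerating NULL.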
diff --git a/posix/regex_internal.c b/posix/regex_internal.c
index 506ccad..968fd77 100644
--- a/posix/regex_internal.c
+++ b/posix/regex_internal.c
@@ -958,6 +958,16 @@ static reg_errcode_t
__attribute_warn_unused_result__
re_node_set_alloc (re_node_set *set, int size)
{
+ /*
+ * ADR: valgrind says size can be 0, which then doesn't
+ * free the block of size 0. Harumph. This seems
+ * to work ok, though.
+ */
+ if (size == 0)
+ {
+ memset(set, 0, sizeof(*set));
+ return REG_NOERROR;
+ }
set->alloc = size;
set->nelem = 0;
set->elems = re_malloc (int, size);
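Review bot: Only `size == 0` is special-cased in `re_node_set_alloc`, but `size` is a signed `int`, so a negative value would still reach `re_malloc (int, size)`. Whether any caller can pass one is not visible here, so an assert or an explicit error return for `size < 0` is worth considering. The zero path returns REG_NOERROR with `elems` NULL and `alloc` 0, and the comment should state that as the contract rather than the valgrind anecdote, e.g. `/* A zero-sized set owns no storage: elems is NULL and alloc is 0, so callers must check alloc before storing.  */`. On style, the surrounding code puts a space before the parenthesis, so `memset (set, 0, sizeof (*set));`. The function body continues past the end of the hunk.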
diff --git a/posix/regexec.c b/posix/regexec.c
index 2d2bc46..8573765 100644
--- a/posix/regexec.c
+++ b/posix/regexec.c
@@ -605,7 +605,7 @@ re_search_internal (const regex_t *preg, const char *string, int length,
nmatch -= extra_nmatch;
/* Check if the DFA haven't been compiled. */
- if (BE (preg->used == 0 || dfa->init_state == NULL
+ if (BE (preg->used == 0 || dfa == NULL || dfa->init_state == NULL
|| dfa->init_state_word == NULL || dfa->init_state_nl == NULL
|| dfa->init_state_begbuf == NULL, 0))
return REG_NOMATCH;
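Review bot: The comment above the guard still reads `/* Check if the DFA haven't been compiled. */`, although the test now also covers a pattern buffer with no DFA at all; suggest `/* Check if the DFA is missing or hasn't been compiled.  */`. Because `||` short-circuits left to right, placing `dfa == NULL` ahead of the `dfa->init_state` reads is what prevents the NULL dereference, and that ordering deserves a word in the comment so it is not reshuffled later. `re_search_internal` starts outside the hunk, so confirm that no earlier statement dereferences `dfa` before this guard is reached. A NULL `dfa` is reported as REG_NOMATCH, which the caller cannot distinguish from a genuine non-match.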