From 5686ea4acac17705c9704829c24608749acd3d12 Mon Sep 17 00:00:00 2001 From: nijtmans Date: Mon, 6 Dec 2010 09:01:49 +0000 Subject: [Bug 3129448]: possible over-allocation on 64-bit platforms --- ChangeLog | 6 ++++++ generic/tclBinary.c | 6 +++--- generic/tclCkalloc.c | 8 ++++---- generic/tclTrace.c | 27 +++++++++++++-------------- 4 files changed, 26 insertions(+), 21 deletions(-) diff --git a/ChangeLog b/ChangeLog index 51d35b6..44eaf6e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2010-12-06 Jan Nijtmans + + * generic/tclBinary.c [Bug 3129448]: possible over-allocation on 64-bit platforms + * generic/tclCkalloc.c + * generic/tclTrace.c + 2010-12-05 Jan Nijtmans * unix/tcl.m4: [Patch #3116490] cross-compile support for unix diff --git a/generic/tclBinary.c b/generic/tclBinary.c index b40e109..6036f31 100644 --- a/generic/tclBinary.c +++ b/generic/tclBinary.c @@ -10,7 +10,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclBinary.c,v 1.67 2010/11/19 10:17:22 nijtmans Exp $ + * RCS: @(#) $Id: tclBinary.c,v 1.68 2010/12/06 09:01:49 nijtmans Exp $ */ #include "tclInt.h" @@ -174,13 +174,13 @@ typedef struct ByteArray { * array. */ int allocated; /* The amount of space actually allocated * minus 1 byte. */ - unsigned char bytes[4]; /* The array of bytes. The actual size of this + unsigned char bytes[1]; /* The array of bytes. The actual size of this * field depends on the 'allocated' field * above. */ } ByteArray; #define BYTEARRAY_SIZE(len) \ - ((unsigned) (sizeof(ByteArray) - 4 + (len))) + ((unsigned) (TclOffset(ByteArray, bytes) + (len))) #define GET_BYTEARRAY(objPtr) \ ((ByteArray *) (objPtr)->internalRep.otherValuePtr) #define SET_BYTEARRAY(objPtr, baPtr) \ diff --git a/generic/tclCkalloc.c b/generic/tclCkalloc.c index dbd999e..4314554 100644 --- a/generic/tclCkalloc.c +++ b/generic/tclCkalloc.c 
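Review bot: `BYTEARRAY_SIZE` in the `@@ -174,13` hunk of generic/tclBinary.c still adds `len` to the offset and casts the sum to `unsigned` with no range check, so a negative or very large `len` would reach the allocator as a wrapped size. The callers are outside this hunk, so whether they bound `len` cannot be confirmed from here. I would state the precondition next to the macro, for example `/* Caller must ensure len >= 0 and that the sum fits in unsigned. */`. The comment on `bytes[1]` could also say that `sizeof(ByteArray)` is not the allocation size and that `BYTEARRAY_SIZE` is the only valid way to size the block.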
@@ -14,7 +14,7 @@ * * This code contributed by Karl Lehenbauer and Mark Diekhans * - * RCS: @(#) $Id: tclCkalloc.c,v 1.41 2010/12/01 10:43:36 nijtmans Exp $ + * RCS: @(#) $Id: tclCkalloc.c,v 1.42 2010/12/06 09:01:49 nijtmans Exp $ */ #include "tclInt.h" @@ -32,12 +32,12 @@ typedef struct MemTag { int refCount; /* Number of mem_headers referencing this * tag. */ - char string[4]; /* Actual size of string will be as large as + char string[1]; /* Actual size of string will be as large as * needed for actual tag. This must be the * last field in the structure. */ } MemTag; -#define TAG_SIZE(bytesInString) ((unsigned) sizeof(MemTag) + bytesInString - 3) +#define TAG_SIZE(bytesInString) ((unsigned) ((TclOffset(MemTag, string) + 1) + bytesInString)) static MemTag *curTagPtr = NULL;/* Tag to use in all future mem_headers (set * by "memory tag" command). */ @@ -185,7 +185,7 @@ TclDumpMemoryInfo(ClientData clientData, int flags) maximum_malloc_packets, maximum_bytes_malloced); if (flags == 0) { - fprintf((FILE *)clientData, buf); + fprintf((FILE *)clientData, "%s", buf); } else { /* Assume objPtr to append to */ Tcl_AppendToObj((Tcl_Obj *) clientData, buf, -1); diff --git a/generic/tclTrace.c b/generic/tclTrace.c index 2e8759e..efbfbb7 100644 --- a/generic/tclTrace.c +++ b/generic/tclTrace.c @@ -11,7 +11,7 @@ * See the file "license.terms" for information on usage and redistribution of * this file, and for a DISCLAIMER OF ALL WARRANTIES. * - * RCS: @(#) $Id: tclTrace.c,v 1.60 2010/08/22 18:53:26 nijtmans Exp $ + * RCS: @(#) $Id: tclTrace.c,v 1.61 2010/12/06 09:01:49 nijtmans Exp $ */ #include "tclInt.h" 
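Review bot: `TAG_SIZE` in the `@@ -32,12` hunk of generic/tclCkalloc.c expands `bytesInString` without parentheses, so an argument containing an operator of lower precedence than `+` (a conditional expression, a shift) would be grouped incorrectly and yield the wrong allocation size. Since the line is being rewritten anyway, it could become `#define TAG_SIZE(bytesInString) ((unsigned) ((TclOffset(MemTag, string) + 1) + (bytesInString)))`. The uses of the macro are outside this hunk, so this is hardening rather than a confirmed miscalculation.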
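Review bot: The `@@ -185,7` hunk of generic/tclCkalloc.c fixes a non-literal format string in `TclDumpMemoryInfo`, but neither the subject line nor the ChangeLog entry mentions it; both describe only the over-allocation change. Anyone triaging or backporting security-relevant fixes from the log would miss it, so I would add a ChangeLog line such as `* generic/tclCkalloc.c (TclDumpMemoryInfo): do not pass buf as the fprintf format string`. `fputs(buf, (FILE *) clientData);` would do the same job without any format parsing. The code that fills `buf` starts outside the hunk, so its bounds cannot be checked here.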
@@ -24,11 +24,11 @@ typedef struct { int flags; /* Operations for which Tcl command is to be * invoked. */ size_t length; /* Number of non-NUL chars. in command. */ - char command[4]; /* Space for Tcl command to invoke. Actual + char command[1]; /* Space for Tcl command to invoke. Actual * size will be as large as necessary to hold * command. This field must be the last in the - * structure, so that it can be larger than 4 - * bytes. */ + * structure, so that it can be larger than 1 + * byte. */ } TraceVarInfo; typedef struct { @@ -58,11 +58,11 @@ typedef struct { * deleted too early. Keeps track of how many * pieces of code have a pointer to this * structure. */ - char command[4]; /* Space for Tcl command to invoke. Actual + char command[1]; /* Space for Tcl command to invoke. Actual * size will be as large as necessary to hold * command. This field must be the last in the - * structure, so that it can be larger than 4 - * bytes. */ + * structure, so that it can be larger than 1 + * byte. */ } TraceCommandInfo; /* @@ -464,9 +464,8 @@ TraceExecutionObjCmd( length = (size_t) commandLength; if ((enum traceOptions) optionIndex == TRACE_ADD) { TraceCommandInfo *tcmdPtr = (TraceCommandInfo *) - ckalloc((unsigned) (sizeof(TraceCommandInfo) - - sizeof(tcmdPtr->command) + length + 1)); - + ckalloc((unsigned) ((TclOffset(TraceCommandInfo, command) + + 1) + length)); tcmdPtr->flags = flags; tcmdPtr->stepTrace = NULL; tcmdPtr->startLevel = 0; @@ -701,8 +700,8 @@ TraceCommandObjCmd( length = (size_t) commandLength; if ((enum traceOptions) optionIndex == TRACE_ADD) { TraceCommandInfo *tcmdPtr = (TraceCommandInfo *) - ckalloc((unsigned) (sizeof(TraceCommandInfo) - - sizeof(tcmdPtr->command) + length + 1)); + ckalloc((unsigned) ((TclOffset(TraceCommandInfo, command) + + 1) + length)); tcmdPtr->flags = flags; tcmdPtr->stepTrace = NULL; 
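Review bot: The rewritten comment on `command[1]` in `TraceVarInfo` (`@@ -24,11` hunk of generic/tclTrace.c) says the field must be last, but not that `sizeof` of the structure is unrelated to the size of the allocated block. With the allocation computed as `TclOffset(...) + 1 + length` later in this patch, a block holding a short command can be smaller than `sizeof` of the structure once trailing padding is counted, so a whole-structure assignment or a `memset` sized by `sizeof` would run past it. I would add a sentence to the comment, for example `* Never size, copy or clear this structure with sizeof; the block is TclOffset(..., command) + 1 + length bytes.` The same applies to `TraceCommandInfo` in the `@@ -58,11` hunk.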
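Review bot: The size expression `(TclOffset(TraceCommandInfo, command) + 1) + length` is written out by hand in `TraceExecutionObjCmd` (`@@ -464,9` hunk) and again in `TraceCommandObjCmd` (`@@ -701,8` hunk), whereas tclBinary.c and tclCkalloc.c in this same commit keep the equivalent arithmetic in one macro (`BYTEARRAY_SIZE`, `TAG_SIZE`). Open-coded copies of an allocation size are easy to change in one place and not the other, and the code that fills `command` has to agree with both. A single definition under a new name, for example `#define TRACECMD_SIZE(len) ((unsigned) (TclOffset(TraceCommandInfo, command) + 1 + (len)))`, used at both `ckalloc` calls would keep them in step. Both function bodies start and end outside their hunks, so the copy into `command` is not visible here.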
@@ -902,8 +901,8 @@ TraceVariableObjCmd( length = (size_t) commandLength; if ((enum traceOptions) optionIndex == TRACE_ADD) { CombinedTraceVarInfo *ctvarPtr = (CombinedTraceVarInfo *) - ckalloc((unsigned) (sizeof(CombinedTraceVarInfo) - + length + 1 - sizeof(ctvarPtr->traceCmdInfo.command))); + ckalloc((unsigned) ((TclOffset(CombinedTraceVarInfo, + traceCmdInfo.command) + 1) + length)); ctvarPtr->traceCmdInfo.flags = flags; if (objv[0] == NULL) { -- cgit v0.12
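Review bot: `TclOffset(CombinedTraceVarInfo, traceCmdInfo.command)` in `TraceVariableObjCmd` gives the right block size only while `traceCmdInfo` is the last member of `CombinedTraceVarInfo` and `command` is the last member of the nested structure. The `CombinedTraceVarInfo` definition is not part of this diff, so that layout cannot be confirmed here; the earlier `sizeof`-based form had the same dependency. I would record it at the typedef with a comment such as `/* traceCmdInfo must remain the last member: its command[] tail is allocated past the end of this structure. */`. The function body continues outside the hunk.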