From da0aba21779529d98436e42323fc12f702390969 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Fri, 11 Jul 2014 20:18:41 -0700 Subject: Update to rra-c-util 5.5 and C TAP Harness 3.1 Update to rra-c-util 5.5: * Use Lancaster Consensus environment variables to control tests. * Use calloc or reallocarray for protection against integer overflows. * Suppress warnings from Kerberos headers in non-system paths. * Assume calloc initializes pointers to NULL. * Assume free(NULL) is properly ignored. * Improve error handling in xasprintf and xvasprintf. * Check the return status of snprintf and vsnprintf properly. * Preserve errno if snprintf fails in vasprintf replacement. Update to C TAP Harness 3.1: * Reopen standard input to /dev/null when running a test list. * Don't leak extraneous file descriptors to tests. * Suppress lazy plans and test summaries if the test failed with bail. * runtests now treats the command line as a list of tests by default. * The full test executable path can now be passed to runtests -o. * Improved harness output for tests with lazy plans. * Improved harness output to a terminal for some abort cases. * Flush harness output after each test even when not on a terminal. Change-Id: I05161eb3d3be49a98f7762e876cb114da0c84e9a Reviewed-on: https://gerrit.stanford.edu/1529 Reviewed-by: Russ Allbery Tested-by: Russ Allbery --- util/messages-krb5.c | 3 +-- util/messages-krb5.h | 6 ++---- util/messages.c | 37 ++++++++++++++++++++++++++++++++++--- util/messages.h | 9 ++++++++- util/xmalloc.c | 39 +++++++++++++++++++++++++++++++-------- util/xmalloc.h | 15 ++++++++++++--- 6 files changed, 88 insertions(+), 21 deletions(-) (limited to 'util') diff --git a/util/messages-krb5.c b/util/messages-krb5.c index b058586..961ea1d 100644 --- a/util/messages-krb5.c +++ b/util/messages-krb5.c @@ -9,7 +9,7 @@ * which can be found at . * * Written by Russ Allbery - * Copyright 2006, 2007, 2008, 2009, 2010 + * Copyright 2006, 2007, 2008, 2009, 2010, 2013 * The Board of Trustees of the Leland Stanford Junior University * * Permission is hereby granted, free of charge, to any person obtaining a @@ -35,7 +35,6 @@ #include #include -#include #include #include #include diff --git a/util/messages-krb5.h b/util/messages-krb5.h index a9072bf..3fc0862 100644 --- a/util/messages-krb5.h +++ b/util/messages-krb5.h @@ -5,7 +5,7 @@ * which can be found at . * * Written by Russ Allbery - * Copyright 2006, 2007, 2008, 2009, 2010 + * Copyright 2006, 2007, 2008, 2009, 2010, 2013 * The Board of Trustees of the Leland Stanford Junior University * * Permission is hereby granted, free of charge, to any person obtaining a @@ -31,11 +31,9 @@ #define UTIL_MESSAGES_KRB5_H 1 #include +#include #include -#include -#include - BEGIN_DECLS /* Default to a hidden visibility for all util functions. */ diff --git a/util/messages.c b/util/messages.c index 9ec3ba8..a43d962 100644 --- a/util/messages.c +++ b/util/messages.c @@ -54,7 +54,7 @@ * which can be found at . * * Written by Russ Allbery - * Copyright 2008, 2009, 2010 + * Copyright 2008, 2009, 2010, 2013 * The Board of Trustees of the Leland Stanford Junior University * Copyright (c) 2004, 2005, 2006 * by Internet Systems Consortium, Inc. ("ISC") @@ -131,7 +131,7 @@ message_handlers(message_handler_func **list, unsigned int count, va_list args) if (*list != stdout_handlers && *list != stderr_handlers) free(*list); - *list = xmalloc(sizeof(message_handler_func) * (count + 1)); + *list = xcalloc(count + 1, sizeof(message_handler_func)); for (i = 0; i < count; i++) (*list)[i] = (message_handler_func) va_arg(args, message_handler_func); (*list)[count] = NULL; @@ -159,6 +159,31 @@ HANDLER_FUNCTION(warn) HANDLER_FUNCTION(die) +/* + * Reset all handlers back to the defaults and free all allocated memory. + * This is primarily useful for programs that undergo comprehensive memory + * allocation analysis. + */ +void +message_handlers_reset(void) +{ + free(debug_handlers); + debug_handlers = NULL; + if (notice_handlers != stdout_handlers) { + free(notice_handlers); + notice_handlers = stdout_handlers; + } + if (warn_handlers != stderr_handlers) { + free(warn_handlers); + warn_handlers = stderr_handlers; + } + if (die_handlers != stderr_handlers) { + free(die_handlers); + die_handlers = stderr_handlers; + } +} + + /* * Print a message to stdout, supporting message_program_name. */ @@ -204,6 +229,7 @@ static void message_log_syslog(int pri, size_t len, const char *fmt, va_list args, int err) { char *buffer; + int status; buffer = malloc(len + 1); if (buffer == NULL) { @@ -211,7 +237,12 @@ message_log_syslog(int pri, size_t len, const char *fmt, va_list args, int err) (unsigned long) len + 1, __FILE__, __LINE__, strerror(errno)); exit(message_fatal_cleanup ? (*message_fatal_cleanup)() : 1); } - vsnprintf(buffer, len + 1, fmt, args); + status = vsnprintf(buffer, len + 1, fmt, args); + if (status < 0) { + warn("failed to format output with vsnprintf in syslog handler"); + free(buffer); + return; + } #ifdef _WIN32 { HANDLE eventlog; diff --git a/util/messages.h b/util/messages.h index 463137c..8c731b7 100644 --- a/util/messages.h +++ b/util/messages.h @@ -4,7 +4,7 @@ * The canonical version of this file is maintained in the rra-c-util package, * which can be found at . * - * Copyright 2008, 2010 + * Copyright 2008, 2010, 2013, 2014 * The Board of Trustees of the Leland Stanford Junior University * Copyright (c) 2004, 2005, 2006 * by Internet Systems Consortium, Inc. ("ISC") @@ -34,6 +34,7 @@ #include #include +#include BEGIN_DECLS @@ -71,6 +72,12 @@ void message_handlers_notice(unsigned int count, ...); void message_handlers_warn(unsigned int count, ...); void message_handlers_die(unsigned int count, ...); +/* + * Reset all message handlers back to the defaults and free any memory that + * was allocated by the other message_handlers_* functions. + */ +void message_handlers_reset(void); + /* * Some useful handlers, intended to be passed to message_handlers_*. All * handlers take the length of the formatted message, the format, a variadic diff --git a/util/xmalloc.c b/util/xmalloc.c index a78e31a..721447a 100644 --- a/util/xmalloc.c +++ b/util/xmalloc.c @@ -33,6 +33,10 @@ * allocation function will try its allocation again (calling the handler * again if it still fails). * + * xreallocarray behaves the same as the OpenBSD reallocarray function but for + * the same error checking, which in turn is the same as realloc but with + * calloc-style arguments and size overflow checking. + * * xstrndup behaves like xstrdup but only copies the given number of * characters. It allocates an additional byte over its second argument and * always nul-terminates the string. @@ -58,7 +62,7 @@ * The canonical version of this file is maintained in the rra-c-util package, * which can be found at . * - * Copyright 2012 + * Copyright 2012, 2013, 2014 * The Board of Trustees of the Leland Stanford Junior University * Copyright (c) 2004, 2005, 2006 * by Internet Systems Consortium, Inc. ("ISC") @@ -84,8 +88,6 @@ #include #include -#include - #include #include @@ -96,8 +98,12 @@ void xmalloc_fail(const char *function, size_t size, const char *file, int line) { - sysdie("failed to %s %lu bytes at %s line %d", function, - (unsigned long) size, file, line); + if (size == 0) + sysdie("failed to format output with %s at %s line %d", function, + file, line); + else + sysdie("failed to %s %lu bytes at %s line %d", function, + (unsigned long) size, file, line); } /* Assign to this variable to choose a handler other than the default. */ @@ -150,6 +156,20 @@ x_realloc(void *p, size_t size, const char *file, int line) } +void * +x_reallocarray(void *p, size_t n, size_t size, const char *file, int line) +{ + void *newp; + + newp = reallocarray(p, n, size); + while (newp == NULL && size > 0 && n > 0) { + (*xmalloc_error_handler)("reallocarray", n * size, file, line); + newp = reallocarray(p, n, size); + } + return newp; +} + + char * x_strdup(const char *s, const char *file, int line) { @@ -208,7 +228,8 @@ x_vasprintf(char **strp, const char *fmt, va_list args, const char *file, va_copy(args_copy, args); status = vsnprintf(NULL, 0, fmt, args_copy); va_end(args_copy); - (*xmalloc_error_handler)("vasprintf", status + 1, file, line); + status = (status < 0) ? 0 : status + 1; + (*xmalloc_error_handler)("vasprintf", status, file, line); va_copy(args_copy, args); status = vasprintf(strp, fmt, args_copy); va_end(args_copy); @@ -231,7 +252,8 @@ x_asprintf(char **strp, const char *file, int line, const char *fmt, ...) va_copy(args_copy, args); status = vsnprintf(NULL, 0, fmt, args_copy); va_end(args_copy); - (*xmalloc_error_handler)("asprintf", status + 1, file, line); + status = (status < 0) ? 0 : status + 1; + (*xmalloc_error_handler)("asprintf", status, file, line); va_copy(args_copy, args); status = vasprintf(strp, fmt, args_copy); va_end(args_copy); @@ -252,7 +274,8 @@ x_asprintf(char **strp, const char *fmt, ...) va_copy(args_copy, args); status = vsnprintf(NULL, 0, fmt, args_copy); va_end(args_copy); - (*xmalloc_error_handler)("asprintf", status + 1, __FILE__, __LINE__); + status = (status < 0) ? 0 : status + 1; + (*xmalloc_error_handler)("asprintf", status, __FILE__, __LINE__); va_copy(args_copy, args); status = vasprintf(strp, fmt, args_copy); va_end(args_copy); diff --git a/util/xmalloc.h b/util/xmalloc.h index 55a0b91..a4b4686 100644 --- a/util/xmalloc.h +++ b/util/xmalloc.h @@ -4,7 +4,7 @@ * The canonical version of this file is maintained in the rra-c-util package, * which can be found at . * - * Copyright 2010, 2012 + * Copyright 2010, 2012, 2013, 2014 * The Board of Trustees of the Leland Stanford Junior University * Copyright (c) 2004, 2005, 2006 * by Internet Systems Consortium, Inc. ("ISC") @@ -33,7 +33,8 @@ #include #include -#include +#include +#include /* * The functions are actually macros so that we can pick up the file and line @@ -46,6 +47,8 @@ #define xstrdup(p) x_strdup((p), __FILE__, __LINE__) #define xstrndup(p, size) x_strndup((p), (size), __FILE__, __LINE__) #define xvasprintf(p, f, a) x_vasprintf((p), (f), (a), __FILE__, __LINE__) +#define xreallocarray(p, n, size) \ + x_reallocarray((p), (n), (size), __FILE__, __LINE__) /* * asprintf is a special case since it takes variable arguments. If we have @@ -80,6 +83,8 @@ void *x_malloc(size_t, const char *, int) __attribute__((__alloc_size__(1), __malloc__, __nonnull__)); void *x_realloc(void *, size_t, const char *, int) __attribute__((__alloc_size__(2), __malloc__, __nonnull__(3))); +void *x_reallocarray(void *, size_t, size_t, const char *, int) + __attribute__((__alloc_size__(2, 3), __malloc__, __nonnull__(4))); char *x_strdup(const char *, const char *, int) __attribute__((__malloc__, __nonnull__)); char *x_strndup(const char *, size_t, const char *, int) @@ -96,7 +101,11 @@ void x_asprintf(char **, const char *, ...) __attribute__((__nonnull__, __format__(printf, 2, 3))); #endif -/* Failure handler takes the function, the size, the file, and the line. */ +/* + * Failure handler takes the function, the size, the file, and the line. The + * size will be zero if the failure was due to some failure in snprintf + * instead of a memory allocation failure. + */ typedef void (*xmalloc_handler_type)(const char *, size_t, const char *, int); /* The default error handler. */ -- cgit v1.2.3