Date: Mon, 05 May 2014 17:10:58 -0500 From: Pedro Giffuni <pfg@FreeBSD.org> To: David Chisnall <theraven@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Andrey Chernov <ache@freebsd.org> Subject: Re: svn commit: r265367 - head/lib/libc/regex Message-ID: <53680C72.10809@FreeBSD.org> In-Reply-To: <3C7CFFB7-5C84-4AC1-9A81-C718D184E87B@FreeBSD.org> References: <201405051641.s45GfFje086423@svn.freebsd.org> <5367CD77.40909@freebsd.org> <B11B5B25-8E05-4225-93D5-3A607332F19A@FreeBSD.org> <5367EB54.1080109@FreeBSD.org> <3C7CFFB7-5C84-4AC1-9A81-C718D184E87B@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
El 5/5/2014 4:21 PM, David Chisnall escribió: > On 5 May 2014, at 20:49, Pedro Giffuni <pfg@FreeBSD.org> wrote: > >> Yes, but I reverted it because there are other ways to check for overflows without the performance hit. > FWIW, in this particular case I think the overflow simply doesn't happen: apparently it is easier to be hit by a DoS first. > Do we have a good reusable routine for doing this somewhere? Clang and gcc both have some idiom recognisers that try to spot when people are attempting to do this. Clang also has a builtin, which would be good to use when available. Overflow checking is very cheap on modern CPUs (add, branch on carry), so it would be nice if we could start looking for this malloc() and realloc() pattern and replacing the multiply with something that checks for the error. > We don't. OpenBSD introduced an extension: reallocarray(). Pedro.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53680C72.10809>