misc: Replace uses of __builtin_*_overflow() with <misc/math_extras.h>.
Use the new math_extras functions instead of calling builtins directly. Change a few local variables to size_t after checking that all uses of the variable actually expects a size_t. Signed-off-by: Jakob Olesen <jolesen@fb.com>
This commit is contained in:
parent
0e65aab703
commit
c8708d9bf3
9 changed files with 30 additions and 52 deletions
|
@ -40,16 +40,4 @@
|
|||
#define __builtin_unreachable() do { __ASSERT(false, "Unreachable code"); } \
|
||||
while (true)
|
||||
|
||||
/* TODO: XCC doesn't define the below macros which are useful for checking
|
||||
* overflows. This needs to be fixed.
|
||||
*/
|
||||
#define __builtin_add_overflow(a, b, output) \
|
||||
({ *output = (a) + (b); false; })
|
||||
#define __builtin_mul_overflow(a, b, output) \
|
||||
({ *output = (a) * (b); false; })
|
||||
#define __builtin_umul_overflow(a, b, output) \
|
||||
({ *output = (a) * (b); false; })
|
||||
#define __builtin_umulll_overflow(a, b, output) \
|
||||
({ *output = (a) * (b); false; })
|
||||
|
||||
#endif
|
||||
|
|
|
@ -13,6 +13,7 @@
|
|||
#ifndef _ASMLANGUAGE
|
||||
#include <kernel.h>
|
||||
#include <misc/printk.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <kernel_internal.h>
|
||||
#include <stdbool.h>
|
||||
|
||||
|
@ -353,9 +354,9 @@ extern int z_user_string_copy(char *dst, const char *src, size_t maxlen);
|
|||
#define Z_SYSCALL_MEMORY_ARRAY(ptr, nmemb, size, write) \
|
||||
({ \
|
||||
u32_t product; \
|
||||
Z_SYSCALL_VERIFY_MSG(!__builtin_umul_overflow((u32_t)(nmemb), \
|
||||
(u32_t)(size), \
|
||||
&product), \
|
||||
Z_SYSCALL_VERIFY_MSG(!u32_mul_overflow((u32_t)(nmemb), \
|
||||
(u32_t)(size), \
|
||||
&product), \
|
||||
"%ux%u array is too large", \
|
||||
(u32_t)(nmemb), (u32_t)(size)) || \
|
||||
Z_SYSCALL_MEMORY(ptr, product, write); \
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
#include <init.h>
|
||||
#include <string.h>
|
||||
#include <misc/__assert.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <stdbool.h>
|
||||
|
||||
/* Linker-defined symbols bound the static pool structs */
|
||||
|
@ -144,8 +145,7 @@ void *k_mem_pool_malloc(struct k_mem_pool *pool, size_t size)
|
|||
* get a block large enough to hold an initial (hidden) block
|
||||
* descriptor, as well as the space the caller requested
|
||||
*/
|
||||
if (__builtin_add_overflow(size, sizeof(struct k_mem_block_id),
|
||||
&size)) {
|
||||
if (size_add_overflow(size, sizeof(struct k_mem_block_id), &size)) {
|
||||
return NULL;
|
||||
}
|
||||
if (k_mem_pool_alloc(pool, &block, size, K_NO_WAIT) != 0) {
|
||||
|
@ -193,7 +193,7 @@ void *k_calloc(size_t nmemb, size_t size)
|
|||
void *ret;
|
||||
size_t bounds;
|
||||
|
||||
if (__builtin_mul_overflow(nmemb, size, &bounds)) {
|
||||
if (size_mul_overflow(nmemb, size, &bounds)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
#include <string.h>
|
||||
#include <wait_q.h>
|
||||
#include <misc/dlist.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <init.h>
|
||||
#include <syscall_handler.h>
|
||||
#include <kernel_internal.h>
|
||||
|
@ -73,8 +74,7 @@ int z_impl_k_msgq_alloc_init(struct k_msgq *q, size_t msg_size,
|
|||
int ret;
|
||||
size_t total_size;
|
||||
|
||||
if (__builtin_umul_overflow((unsigned int)msg_size, max_msgs,
|
||||
(unsigned int *)&total_size)) {
|
||||
if (size_mul_overflow(msg_size, max_msgs, &total_size)) {
|
||||
ret = -EINVAL;
|
||||
} else {
|
||||
buffer = z_thread_malloc(total_size);
|
||||
|
|
|
@ -264,7 +264,7 @@ Z_SYSCALL_HANDLER(k_poll, events, num_events, timeout)
|
|||
int ret;
|
||||
k_spinlock_key_t key;
|
||||
struct k_poll_event *events_copy = NULL;
|
||||
unsigned int bounds;
|
||||
u32_t bounds;
|
||||
|
||||
/* Validate the events buffer and make a copy of it in an
|
||||
* allocated kernel-side buffer.
|
||||
|
@ -273,11 +273,10 @@ Z_SYSCALL_HANDLER(k_poll, events, num_events, timeout)
|
|||
ret = -EINVAL;
|
||||
goto out;
|
||||
}
|
||||
if (Z_SYSCALL_VERIFY_MSG(
|
||||
!__builtin_umul_overflow(num_events,
|
||||
sizeof(struct k_poll_event),
|
||||
&bounds),
|
||||
"num_events too large")) {
|
||||
if (Z_SYSCALL_VERIFY_MSG(!u32_mul_overflow(num_events,
|
||||
sizeof(struct k_poll_event),
|
||||
&bounds),
|
||||
"num_events too large")) {
|
||||
ret = -EINVAL;
|
||||
goto out;
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@
|
|||
#include <spinlock.h>
|
||||
#include <kernel_structs.h>
|
||||
#include <misc/printk.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <sys_clock.h>
|
||||
#include <drivers/system_timer.h>
|
||||
#include <ksched.h>
|
||||
|
@ -475,9 +476,8 @@ Z_SYSCALL_HANDLER(k_thread_create,
|
|||
/* Verify that the stack size passed in is OK by computing the total
|
||||
* size and comparing it with the size value in the object metadata
|
||||
*/
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!__builtin_uadd_overflow(K_THREAD_STACK_RESERVED,
|
||||
stack_size,
|
||||
&total_size),
|
||||
Z_OOPS(Z_SYSCALL_VERIFY_MSG(!u32_add_overflow(K_THREAD_STACK_RESERVED,
|
||||
stack_size, &total_size),
|
||||
"stack size overflow (%u+%u)", stack_size,
|
||||
K_THREAD_STACK_RESERVED));
|
||||
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
|
||||
#include <kernel.h>
|
||||
#include <string.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <misc/printk.h>
|
||||
#include <misc/rb.h>
|
||||
#include <kernel_structs.h>
|
||||
|
@ -672,7 +673,7 @@ int z_user_to_copy(void *dst, const void *src, size_t size)
|
|||
|
||||
char *z_user_string_alloc_copy(const char *src, size_t maxlen)
|
||||
{
|
||||
unsigned long actual_len;
|
||||
size_t actual_len;
|
||||
int err;
|
||||
char *ret = NULL;
|
||||
|
||||
|
@ -682,10 +683,10 @@ char *z_user_string_alloc_copy(const char *src, size_t maxlen)
|
|||
}
|
||||
if (actual_len == maxlen) {
|
||||
/* Not NULL terminated */
|
||||
printk("string too long %p (%lu)\n", src, actual_len);
|
||||
printk("string too long %p (%zu)\n", src, actual_len);
|
||||
goto out;
|
||||
}
|
||||
if (__builtin_uaddl_overflow(actual_len, 1, &actual_len)) {
|
||||
if (size_add_overflow(actual_len, 1, &actual_len)) {
|
||||
printk("overflow\n");
|
||||
goto out;
|
||||
}
|
||||
|
@ -705,7 +706,7 @@ out:
|
|||
|
||||
int z_user_string_copy(char *dst, const char *src, size_t maxlen)
|
||||
{
|
||||
unsigned long actual_len;
|
||||
size_t actual_len;
|
||||
int ret, err;
|
||||
|
||||
actual_len = z_user_string_nlen(src, maxlen, &err);
|
||||
|
@ -715,11 +716,11 @@ int z_user_string_copy(char *dst, const char *src, size_t maxlen)
|
|||
}
|
||||
if (actual_len == maxlen) {
|
||||
/* Not NULL terminated */
|
||||
printk("string too long %p (%lu)\n", src, actual_len);
|
||||
printk("string too long %p (%zu)\n", src, actual_len);
|
||||
ret = EINVAL;
|
||||
goto out;
|
||||
}
|
||||
if (__builtin_uaddl_overflow(actual_len, 1, &actual_len)) {
|
||||
if (size_add_overflow(actual_len, 1, &actual_len)) {
|
||||
printk("overflow\n");
|
||||
ret = EINVAL;
|
||||
goto out;
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
#include <zephyr.h>
|
||||
#include <init.h>
|
||||
#include <errno.h>
|
||||
#include <misc/math_extras.h>
|
||||
#include <misc/mempool.h>
|
||||
#include <string.h>
|
||||
#include <app_memory/app_memdomain.h>
|
||||
|
@ -66,23 +67,11 @@ void free(void *ptr)
|
|||
sys_mem_pool_free(ptr);
|
||||
}
|
||||
|
||||
static bool size_t_mul_overflow(size_t a, size_t b, size_t *res)
|
||||
{
|
||||
#if __SIZEOF_SIZE_T__ == 4
|
||||
return __builtin_umul_overflow((unsigned int)a, (unsigned int)b,
|
||||
(unsigned int *)res);
|
||||
#else /* __SIZEOF_SIZE_T__ == 8 */
|
||||
return __builtin_umulll_overflow((unsigned long long)a,
|
||||
(unsigned long long)b,
|
||||
(unsigned long long *)res);
|
||||
#endif
|
||||
}
|
||||
|
||||
void *calloc(size_t nmemb, size_t size)
|
||||
{
|
||||
void *ret;
|
||||
|
||||
if (size_t_mul_overflow(nmemb, size, &size)) {
|
||||
if (size_mul_overflow(nmemb, size, &size)) {
|
||||
errno = ENOMEM;
|
||||
return NULL;
|
||||
}
|
||||
|
@ -144,7 +133,7 @@ void *realloc(void *ptr, size_t requested_size)
|
|||
|
||||
void *reallocarray(void *ptr, size_t nmemb, size_t size)
|
||||
{
|
||||
if (size_t_mul_overflow(nmemb, size, &size)) {
|
||||
if (size_mul_overflow(nmemb, size, &size)) {
|
||||
errno = ENOMEM;
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@ LOG_MODULE_REGISTER(net_sock, CONFIG_NET_SOCKETS_LOG_LEVEL);
|
|||
#include <net/socket.h>
|
||||
#include <syscall_handler.h>
|
||||
#include <misc/fdtable.h>
|
||||
#include <misc/math_extras.h>
|
||||
|
||||
#include "sockets_internal.h"
|
||||
|
||||
|
@ -1037,12 +1038,11 @@ int z_impl_zsock_poll(struct zsock_pollfd *fds, int nfds, int timeout)
|
|||
Z_SYSCALL_HANDLER(zsock_poll, fds, nfds, timeout)
|
||||
{
|
||||
struct zsock_pollfd *fds_copy;
|
||||
unsigned int fds_size;
|
||||
size_t fds_size;
|
||||
int ret;
|
||||
|
||||
/* Copy fds array from user mode */
|
||||
if (__builtin_umul_overflow(nfds, sizeof(struct zsock_pollfd),
|
||||
&fds_size)) {
|
||||
if (size_mul_overflow(nfds, sizeof(struct zsock_pollfd), &fds_size)) {
|
||||
errno = EFAULT;
|
||||
return -1;
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue