Use safe_malloc and/or check returns from malloc (Jim Meyering).

diff --git a/java/com_redhat_et_libguestfs_GuestFS.c b/java/com_redhat_et_libguestfs_GuestFS.c
index 45c1937..f012a4b 100644 (file)
--- a/java/com_redhat_et_libguestfs_GuestFS.c
+++ b/java/com_redhat_et_libguestfs_GuestFS.c
@@ -1381,7 +1381,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1vgcreate
 
   volgroup = (*env)->GetStringUTFChars (env, jvolgroup, NULL);
   physvols_len = (*env)->GetArrayLength (env, jphysvols);
-  physvols = malloc (sizeof (char *) * (physvols_len+1));
+  physvols = guestfs_safe_malloc (g, sizeof (char *) * (physvols_len+1));
   for (i = 0; i < physvols_len; ++i) {
     jobject o = (*env)->GetObjectArrayElement (env, jphysvols, i);
     physvols[i] = (*env)->GetStringUTFChars (env, o, NULL);
@@ -1461,7 +1461,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1sfdisk
   heads = jheads;
   sectors = jsectors;
   lines_len = (*env)->GetArrayLength (env, jlines);
-  lines = malloc (sizeof (char *) * (lines_len+1));
+  lines = guestfs_safe_malloc (g, sizeof (char *) * (lines_len+1));
   for (i = 0; i < lines_len; ++i) {
     jobject o = (*env)->GetObjectArrayElement (env, jlines, i);
     lines[i] = (*env)->GetStringUTFChars (env, o, NULL);
@@ -1610,7 +1610,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1command
   int i;
 
   arguments_len = (*env)->GetArrayLength (env, jarguments);
-  arguments = malloc (sizeof (char *) * (arguments_len+1));
+  arguments = guestfs_safe_malloc (g, sizeof (char *) * (arguments_len+1));
   for (i = 0; i < arguments_len; ++i) {
     jobject o = (*env)->GetObjectArrayElement (env, jarguments, i);
     arguments[i] = (*env)->GetStringUTFChars (env, o, NULL);
@@ -1646,7 +1646,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1command_1lines
   int i;
 
   arguments_len = (*env)->GetArrayLength (env, jarguments);
-  arguments = malloc (sizeof (char *) * (arguments_len+1));
+  arguments = guestfs_safe_malloc (g, sizeof (char *) * (arguments_len+1));
   for (i = 0; i < arguments_len; ++i) {
     jobject o = (*env)->GetObjectArrayElement (env, jarguments, i);
     arguments[i] = (*env)->GetStringUTFChars (env, o, NULL);
@@ -2244,7 +2244,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1debug
 
   subcmd = (*env)->GetStringUTFChars (env, jsubcmd, NULL);
   extraargs_len = (*env)->GetArrayLength (env, jextraargs);
-  extraargs = malloc (sizeof (char *) * (extraargs_len+1));
+  extraargs = guestfs_safe_malloc (g, sizeof (char *) * (extraargs_len+1));
   for (i = 0; i < extraargs_len; ++i) {
     jobject o = (*env)->GetObjectArrayElement (env, jextraargs, i);
     extraargs[i] = (*env)->GetStringUTFChars (env, o, NULL);

diff --git a/ocaml/guestfs_c.c b/ocaml/guestfs_c.c
index 87139b4..86fa293 100644 (file)
--- a/ocaml/guestfs_c.c
+++ b/ocaml/guestfs_c.c
@@ -111,15 +111,19 @@ ocaml_guestfs_close (value gv)
   CAMLreturn (Val_unit);
 }
 
-/* Copy string array value. */
+/* Copy string array value.
+ * The return value is only 'safe' provided we don't allocate anything
+ * further on the OCaml heap (ie. cannot trigger the OCaml GC) because
+ * that could move the strings around.
+ */
 char **
-ocaml_guestfs_strings_val (value sv)
+ocaml_guestfs_strings_val (guestfs_h *g, value sv)
 {
   CAMLparam1 (sv);
   char **r;
   int i;
 
-  r = malloc (sizeof (char *) * (Wosize_val (sv) + 1));
+  r = guestfs_safe_malloc (g, sizeof (char *) * (Wosize_val (sv) + 1));
   for (i = 0; i < Wosize_val (sv); ++i)
     r[i] = String_val (Field (sv, i));
   r[i] = NULL;

diff --git a/ocaml/guestfs_c.h b/ocaml/guestfs_c.h
index 4fb8188..b4a7661 100644 (file)
--- a/ocaml/guestfs_c.h
+++ b/ocaml/guestfs_c.h
@@ -22,7 +22,7 @@
 #define Guestfs_val(v) (*((guestfs_h **)Data_custom_val(v)))
 extern void ocaml_guestfs_raise_error (guestfs_h *g, const char *func)
   Noreturn;
-extern char **ocaml_guestfs_strings_val (value sv);
+extern char **ocaml_guestfs_strings_val (guestfs_h *g, value sv);
 extern void ocaml_guestfs_free_strings (char **r);
 
 #endif /* GUESTFS_OCAML_C_H */

diff --git a/ocaml/guestfs_c_actions.c b/ocaml/guestfs_c_actions.c
index b8c0787..9f860ba 100644 (file)
--- a/ocaml/guestfs_c_actions.c
+++ b/ocaml/guestfs_c_actions.c
@@ -1744,7 +1744,7 @@ ocaml_guestfs_vgcreate (value gv, value volgroupv, value physvolsv)
     caml_failwith ("vgcreate: used handle after closing it");
 
   const char *volgroup = String_val (volgroupv);
-  char **physvols = ocaml_guestfs_strings_val (physvolsv);
+  char **physvols = ocaml_guestfs_strings_val (g, physvolsv);
   int r;
 
   caml_enter_blocking_section ();
@@ -1822,7 +1822,7 @@ ocaml_guestfs_sfdisk (value gv, value devicev, value cylsv, value headsv, value
   int cyls = Int_val (cylsv);
   int heads = Int_val (headsv);
   int sectors = Int_val (sectorsv);
-  char **lines = ocaml_guestfs_strings_val (linesv);
+  char **lines = ocaml_guestfs_strings_val (g, linesv);
   int r;
 
   caml_enter_blocking_section ();
@@ -1993,7 +1993,7 @@ ocaml_guestfs_command (value gv, value argumentsv)
   if (g == NULL)
     caml_failwith ("command: used handle after closing it");
 
-  char **arguments = ocaml_guestfs_strings_val (argumentsv);
+  char **arguments = ocaml_guestfs_strings_val (g, argumentsv);
   char *r;
 
   caml_enter_blocking_section ();
@@ -2018,7 +2018,7 @@ ocaml_guestfs_command_lines (value gv, value argumentsv)
   if (g == NULL)
     caml_failwith ("command_lines: used handle after closing it");
 
-  char **arguments = ocaml_guestfs_strings_val (argumentsv);
+  char **arguments = ocaml_guestfs_strings_val (g, argumentsv);
   int i;
   char **r;
 
@@ -2619,7 +2619,7 @@ ocaml_guestfs_debug (value gv, value subcmdv, value extraargsv)
     caml_failwith ("debug: used handle after closing it");
 
   const char *subcmd = String_val (subcmdv);
-  char **extraargs = ocaml_guestfs_strings_val (extraargsv);
+  char **extraargs = ocaml_guestfs_strings_val (g, extraargsv);
   char *r;
 
   caml_enter_blocking_section ();

diff --git a/perl/Guestfs.xs b/perl/Guestfs.xs
index 12c6cbb..9d8a49c 100644 (file)
--- a/perl/Guestfs.xs
+++ b/perl/Guestfs.xs
@@ -64,12 +64,13 @@ XS_unpack_charPtrPtr (SV *arg) {
   AV *av;
   I32 i;
 
-  if (!arg || !SvOK (arg) || !SvROK (arg) || SvTYPE (SvRV (arg)) != SVt_PVAV) {
+  if (!arg || !SvOK (arg) || !SvROK (arg) || SvTYPE (SvRV (arg)) != SVt_PVAV)
     croak ("array reference expected");
-  }
 
   av = (AV *)SvRV (arg);
-  ret = (char **)malloc (av_len (av) + 1 + 1);
+  ret = malloc (av_len (av) + 1 + 1);
+  if (!ret)
+    croak ("malloc failed");
 
   for (i = 0; i <= av_len (av); i++) {
     SV **elem = av_fetch (av, i, 0);

diff --git a/ruby/ext/guestfs/_guestfs.c b/ruby/ext/guestfs/_guestfs.c
index af80e3f..e6c4236 100644 (file)
--- a/ruby/ext/guestfs/_guestfs.c
+++ b/ruby/ext/guestfs/_guestfs.c
@@ -1413,7 +1413,7 @@ static VALUE ruby_guestfs_vgcreate (VALUE gv, VALUE volgroupv, VALUE physvolsv)
   char **physvols;  {
     int i, len;
     len = RARRAY_LEN (physvolsv);
-    physvols = malloc (sizeof (char *) * (len+1));
+    physvols = guestfs_safe_malloc (g, sizeof (char *) * (len+1));
     for (i = 0; i < len; ++i) {
       VALUE v = rb_ary_entry (physvolsv, i);
       physvols[i] = StringValueCStr (v);
@@ -1499,7 +1499,7 @@ static VALUE ruby_guestfs_sfdisk (VALUE gv, VALUE devicev, VALUE cylsv, VALUE he
   char **lines;  {
     int i, len;
     len = RARRAY_LEN (linesv);
-    lines = malloc (sizeof (char *) * (len+1));
+    lines = guestfs_safe_malloc (g, sizeof (char *) * (len+1));
     for (i = 0; i < len; ++i) {
       VALUE v = rb_ary_entry (linesv, i);
       lines[i] = StringValueCStr (v);
@@ -1656,7 +1656,7 @@ static VALUE ruby_guestfs_command (VALUE gv, VALUE argumentsv)
   char **arguments;  {
     int i, len;
     len = RARRAY_LEN (argumentsv);
-    arguments = malloc (sizeof (char *) * (len+1));
+    arguments = guestfs_safe_malloc (g, sizeof (char *) * (len+1));
     for (i = 0; i < len; ++i) {
       VALUE v = rb_ary_entry (argumentsv, i);
       arguments[i] = StringValueCStr (v);
@@ -1686,7 +1686,7 @@ static VALUE ruby_guestfs_command_lines (VALUE gv, VALUE argumentsv)
   char **arguments;  {
     int i, len;
     len = RARRAY_LEN (argumentsv);
-    arguments = malloc (sizeof (char *) * (len+1));
+    arguments = guestfs_safe_malloc (g, sizeof (char *) * (len+1));
     for (i = 0; i < len; ++i) {
       VALUE v = rb_ary_entry (argumentsv, i);
       arguments[i] = StringValueCStr (v);
@@ -2336,7 +2336,7 @@ static VALUE ruby_guestfs_debug (VALUE gv, VALUE subcmdv, VALUE extraargsv)
   char **extraargs;  {
     int i, len;
     len = RARRAY_LEN (extraargsv);
-    extraargs = malloc (sizeof (char *) * (len+1));
+    extraargs = guestfs_safe_malloc (g, sizeof (char *) * (len+1));
     for (i = 0; i < len; ++i) {
       VALUE v = rb_ary_entry (extraargsv, i);
       extraargs[i] = StringValueCStr (v);

diff --git a/src/generator.ml b/src/generator.ml
index a01eeb7..40ffc06 100755 (executable)
--- a/src/generator.ml
+++ b/src/generator.ml
@@ -4334,7 +4334,7 @@ copy_table (char * const * argv)
            pr "    %sv != Val_int (0) ? String_val (Field (%sv, 0)) : NULL;\n"
              n n
        | StringList n ->
-           pr "  char **%s = ocaml_guestfs_strings_val (%sv);\n" n n
+           pr "  char **%s = ocaml_guestfs_strings_val (g, %sv);\n" n n
        | Bool n ->
            pr "  int %s = Bool_val (%sv);\n" n n
        | Int n ->
@@ -4556,12 +4556,13 @@ XS_unpack_charPtrPtr (SV *arg) {
   AV *av;
   I32 i;
 
-  if (!arg || !SvOK (arg) || !SvROK (arg) || SvTYPE (SvRV (arg)) != SVt_PVAV) {
+  if (!arg || !SvOK (arg) || !SvROK (arg) || SvTYPE (SvRV (arg)) != SVt_PVAV)
     croak (\"array reference expected\");
-  }
 
   av = (AV *)SvRV (arg);
-  ret = (char **)malloc (av_len (av) + 1 + 1);
+  ret = malloc (av_len (av) + 1 + 1);
+  if (!ret)
+    croak (\"malloc failed\");
 
   for (i = 0; i <= av_len (av); i++) {
     SV **elem = av_fetch (av, i, 0);
@@ -5555,7 +5556,8 @@ static VALUE ruby_guestfs_close (VALUE gv)
            pr "  {\n";
            pr "    int i, len;\n";
            pr "    len = RARRAY_LEN (%sv);\n" n;
-           pr "    %s = malloc (sizeof (char *) * (len+1));\n" n;
+           pr "    %s = guestfs_safe_malloc (g, sizeof (char *) * (len+1));\n"
+             n;
            pr "    for (i = 0; i < len; ++i) {\n";
            pr "      VALUE v = rb_ary_entry (%sv, i);\n" n;
            pr "      %s[i] = StringValueCStr (v);\n" n;
@@ -6075,7 +6077,7 @@ Java_com_redhat_et_libguestfs_GuestFS__1close
            pr "  %s = (*env)->GetStringUTFChars (env, j%s, NULL);\n" n n
        | StringList n ->
            pr "  %s_len = (*env)->GetArrayLength (env, j%s);\n" n n;
-           pr "  %s = malloc (sizeof (char *) * (%s_len+1));\n" n n;
+           pr "  %s = guestfs_safe_malloc (g, sizeof (char *) * (%s_len+1));\n" n n;
            pr "  for (i = 0; i < %s_len; ++i) {\n" n;
            pr "    jobject o = (*env)->GetObjectArrayElement (env, j%s, i);\n"
              n;