Re: [PATCH v3 0/22] hardening allocations against integer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jeff King <peff@xxxxxxxx> writes:

> On Fri, Feb 19, 2016 at 06:19:41AM -0500, Jeff King wrote:
>
>> Here's a re-roll of jk/tighten-alloc series from:
>> 
>>   http://thread.gmane.org/gmane.comp.version-control.git/286253
>
> And here's v3. The changes this time (and philosophical rationalization
> of changes I didn't make) are pretty small:
>
>   - flip the order of arguments to st_mult() in ALLOC_ARRAY, et al, to
>     get a probably-irrelevant-but-so-easy-why-not optimization
>
>   - mark new global var in daemon.c as static
>
>   - add argv_array_detach (new patch 6) to avoid gross memory management
>     when converting line-log to use argv_array in the subsequent patch
>
> So I hope this one is ready for 'next'.  Thanks René, Ramsay, and Eric
> for reviewing.
>
>   [01/22]: reflog_expire_cfg: NUL-terminate pattern field
>   [02/22]: add helpers for detecting size_t overflow
>   [03/22]: tree-diff: catch integer overflow in combine_diff_path allocation
>   [04/22]: harden REALLOC_ARRAY and xcalloc against size_t overflow
>   [05/22]: add helpers for allocating flex-array structs
>   [06/22]: argv-array: add detach function
>   [07/22]: convert manual allocations to argv_array
>   [08/22]: convert trivial cases to ALLOC_ARRAY
>   [09/22]: use xmallocz to avoid size arithmetic
>   [10/22]: convert trivial cases to FLEX_ARRAY macros
>   [11/22]: use st_add and st_mult for allocation size computation
>   [12/22]: prepare_{git,shell}_cmd: use argv_array
>   [13/22]: write_untracked_extension: use FLEX_ALLOC helper
>   [14/22]: fast-import: simplify allocation in start_packfile
>   [15/22]: fetch-pack: simplify add_sought_entry
>   [16/22]: test-path-utils: fix normalize_path_copy output buffer size
>   [17/22]: sequencer: simplify memory allocation of get_message
>   [18/22]: git-compat-util: drop mempcpy compat code
>   [19/22]: transport_anonymize_url: use xstrfmt
>   [20/22]: diff_populate_gitlink: use a strbuf
>   [21/22]: convert ewah/bitmap code to use xmalloc
>   [22/22]: ewah: convert to REALLOC_ARRAY, etc

I admit that I only looked at tbdiff output, but what I saw looked
very sensible.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]