1
From f15ce4d8dc139523fe0c273580b604b2453acba6 Mon Sep 17 00:00:00 2001
2
From: Ulrich Drepper <drepper@redhat.com>
3
Date: Mon, 9 Aug 2010 21:09:37 -0700
4
Subject: [PATCH] Avoid too much stack use in fnmatch.
6
From 8126d90480fa3e0c5c5cd0d02cb1c93174b45485 Mon Sep 17 00:00:00 2001
7
From: Ulrich Drepper <drepper@gmail.com>
8
Date: Fri, 18 Mar 2011 05:29:20 -0400
9
Subject: [PATCH 1/1] Check size of pattern in wide character
10
representation in fnmatch.
12
* posix/fnmatch.c (fnmatch): Check size of pattern in wide
13
character representation. Partly based on a patch by Tomas Hoger
18
[Ubuntu note: differs from upstream patch in that the changes to
19
Changelog and NEWS file have been dropped to reduce conflicts.]
22
posix/fnmatch.c | 57 +++++++++++++++++-----
23
posix/fnmatch_loop.c | 132 ++++++++++++++++++++++++++++++++-------------------
24
2 files changed, 128 insertions(+), 61 deletions(-)
26
Index: b/posix/fnmatch.c
27
===================================================================
31
-/* Copyright (C) 1991,1992,1993,1996,1997,1998,1999,2000,2001,2002,2003,2007
32
+/* Copyright (C) 1991,1992,1993,1996,1997,1998,1999,2000,2001,2002,2003,2007,2010
33
Free Software Foundation, Inc.
34
This file is part of the GNU C Library.
43
+# define alloca_account(size., var) alloca (size)
46
/* For platform which support the ISO C amendement 1 functionality we
47
support user defined character classes. */
48
#if defined _LIBC || (defined HAVE_WCTYPE_H && defined HAVE_WCHAR_H)
49
@@ -334,8 +340,11 @@ fnmatch (pattern, string, flags)
53
+ wchar_t *wpattern_malloc = NULL;
55
+ wchar_t *wstring_malloc = NULL;
57
+ size_t alloca_used = 0;
59
/* Convert the strings into wide characters. */
60
memset (&ps, '\0', sizeof (ps));
61
@@ -347,7 +356,8 @@ fnmatch (pattern, string, flags)
63
if (__builtin_expect (n < 1024, 1))
65
- wpattern = (wchar_t *) alloca ((n + 1) * sizeof (wchar_t));
66
+ wpattern = (wchar_t *) alloca_account ((n + 1) * sizeof (wchar_t),
68
n = mbsrtowcs (wpattern, &p, n + 1, &ps);
69
if (__builtin_expect (n == (size_t) -1, 0))
71
@@ -369,8 +379,11 @@ fnmatch (pattern, string, flags)
72
XXX Do we have to set `errno' to something which mbsrtows hasn't
75
- wpattern = (wchar_t *) alloca ((n + 1) * sizeof (wchar_t));
76
+ wpattern_malloc = wpattern
77
+ = (wchar_t *) malloc ((n + 1) * sizeof (wchar_t));
78
assert (mbsinit (&ps));
79
+ if (wpattern == NULL)
81
(void) mbsrtowcs (wpattern, &pattern, n + 1, &ps);
84
@@ -383,13 +396,18 @@ fnmatch (pattern, string, flags)
86
if (__builtin_expect (n < 1024, 1))
88
- wstring = (wchar_t *) alloca ((n + 1) * sizeof (wchar_t));
89
+ wstring = (wchar_t *) alloca_account ((n + 1) * sizeof (wchar_t),
91
n = mbsrtowcs (wstring, &p, n + 1, &ps);
92
if (__builtin_expect (n == (size_t) -1, 0))
94
- XXX Do we have to set `errno' to something which mbsrtows hasn't
99
+ XXX Do we have to set `errno' to something which
100
+ mbsrtows hasn't already done? */
102
+ free (wpattern_malloc);
107
memset (&ps, '\0', sizeof (ps));
108
@@ -404,19 +422,32 @@ fnmatch (pattern, string, flags)
110
XXX Do we have to set `errno' to something which mbsrtows hasn't
113
- wstring = (wchar_t *) alloca ((n + 1) * sizeof (wchar_t));
116
+ wstring_malloc = wstring
117
+ = (wchar_t *) malloc ((n + 1) * sizeof (wchar_t));
118
+ if (wstring == NULL)
120
+ free (wpattern_malloc);
123
assert (mbsinit (&ps));
124
(void) mbsrtowcs (wstring, &string, n + 1, &ps);
127
- return internal_fnwmatch (wpattern, wstring, wstring + n,
128
- flags & FNM_PERIOD, flags, NULL);
129
+ int res = internal_fnwmatch (wpattern, wstring, wstring + n,
130
+ flags & FNM_PERIOD, flags, NULL,
133
+ free (wstring_malloc);
134
+ free (wpattern_malloc);
138
# endif /* mbstate_t and mbsrtowcs or _LIBC. */
140
return internal_fnmatch (pattern, string, string + strlen (string),
141
- flags & FNM_PERIOD, flags, NULL);
142
+ flags & FNM_PERIOD, flags, NULL, 0);
146
Index: b/posix/fnmatch_loop.c
147
===================================================================
148
--- a/posix/fnmatch_loop.c
149
+++ b/posix/fnmatch_loop.c
151
-/* Copyright (C) 1991-1993,1996-2001,2003-2005,2007
152
+/* Copyright (C) 1991-1993,1996-2001,2003-2005,2007,2010
153
Free Software Foundation, Inc.
154
This file is part of the GNU C Library.
156
@@ -30,22 +30,24 @@ struct STRUCT
157
it matches, nonzero if not. */
158
static int FCT (const CHAR *pattern, const CHAR *string,
159
const CHAR *string_end, int no_leading_period, int flags,
160
- struct STRUCT *ends)
161
+ struct STRUCT *ends, size_t alloca_used)
163
static int EXT (INT opt, const CHAR *pattern, const CHAR *string,
164
- const CHAR *string_end, int no_leading_period, int flags)
165
+ const CHAR *string_end, int no_leading_period, int flags,
166
+ size_t alloca_used)
168
static const CHAR *END (const CHAR *patternp) internal_function;
172
-FCT (pattern, string, string_end, no_leading_period, flags, ends)
173
+FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
176
const CHAR *string_end;
177
int no_leading_period;
180
+ size_t alloca_used;
182
register const CHAR *p = pattern, *n = string;
184
@@ -74,10 +76,8 @@ FCT (pattern, string, string_end, no_lea
186
if (__builtin_expect (flags & FNM_EXTMATCH, 0) && *p == '(')
190
- res = EXT (c, p, n, string_end, no_leading_period,
192
+ int res = EXT (c, p, n, string_end, no_leading_period,
193
+ flags, alloca_used);
197
@@ -106,10 +106,8 @@ FCT (pattern, string, string_end, no_lea
199
if (__builtin_expect (flags & FNM_EXTMATCH, 0) && *p == '(')
203
- res = EXT (c, p, n, string_end, no_leading_period,
205
+ int res = EXT (c, p, n, string_end, no_leading_period,
206
+ flags, alloca_used);
210
@@ -198,7 +196,7 @@ FCT (pattern, string, string_end, no_lea
212
for (--p; n < endp; ++n, no_leading_period = 0)
213
if (FCT (p, n, string_end, no_leading_period, flags2,
215
+ &end, alloca_used) == 0)
218
else if (c == L('/') && (flags & FNM_FILE_NAME))
219
@@ -207,7 +205,7 @@ FCT (pattern, string, string_end, no_lea
221
if (n < string_end && *n == L('/')
222
&& (FCT (p, n + 1, string_end, flags & FNM_PERIOD, flags,
224
+ NULL, alloca_used) == 0))
228
@@ -221,7 +219,7 @@ FCT (pattern, string, string_end, no_lea
229
for (--p; n < endp; ++n, no_leading_period = 0)
230
if (FOLD ((UCHAR) *n) == c
231
&& (FCT (p, n, string_end, no_leading_period, flags2,
233
+ &end, alloca_used) == 0))
236
if (end.pattern == NULL)
237
@@ -758,7 +756,7 @@ FCT (pattern, string, string_end, no_lea
238
_NL_COLLATE_SYMB_EXTRAMB);
240
/* Locate the character in the hashing
243
hash = elem_hash (str, c1);
246
@@ -980,9 +978,8 @@ FCT (pattern, string, string_end, no_lea
248
if (__builtin_expect (flags & FNM_EXTMATCH, 0) && *p == '(')
252
- res = EXT (c, p, n, string_end, no_leading_period, flags);
253
+ int res = EXT (c, p, n, string_end, no_leading_period, flags,
258
@@ -1061,26 +1058,32 @@ END (const CHAR *pattern)
261
EXT (INT opt, const CHAR *pattern, const CHAR *string, const CHAR *string_end,
262
- int no_leading_period, int flags)
263
+ int no_leading_period, int flags, size_t alloca_used)
269
struct patternlist *next;
273
struct patternlist **lastp = &list;
274
size_t pattern_len = STRLEN (pattern);
275
+ int any_malloced = 0;
280
/* Parse the pattern. Store the individual parts in the list. */
282
for (startp = p = pattern + 1; level >= 0; ++p)
284
- /* This is an invalid pattern. */
287
+ /* This is an invalid pattern. */
291
else if (*p == L('['))
293
/* Handle brackets special. */
294
@@ -1097,8 +1100,11 @@ EXT (INT opt, const CHAR *pattern, const
295
/* Skip over all characters of the list. */
298
- /* This is no valid pattern. */
301
+ /* This is no valid pattern. */
306
else if ((*p == L('?') || *p == L('*') || *p == L('+') || *p == L('@')
307
|| *p == L('!')) && p[1] == L('('))
308
@@ -1111,15 +1117,27 @@ EXT (INT opt, const CHAR *pattern, const
309
/* This means we found the end of the pattern. */
310
#define NEW_PATTERN \
311
struct patternlist *newp; \
313
- if (opt == L('?') || opt == L('@')) \
314
- newp = alloca (sizeof (struct patternlist) \
315
- + (pattern_len * sizeof (CHAR))); \
316
+ size_t slen = (opt == L('?') || opt == L('@') \
317
+ ? pattern_len : (p - startp + 1)); \
318
+ slen = sizeof (struct patternlist) + (slen * sizeof (CHAR)); \
319
+ int malloced = ! __libc_use_alloca (alloca_used + slen); \
320
+ if (__builtin_expect (malloced, 0)) \
322
+ newp = alloca_account (slen, alloca_used); \
323
+ any_malloced = 1; \
326
- newp = alloca (sizeof (struct patternlist) \
327
- + ((p - startp + 1) * sizeof (CHAR))); \
328
- *((CHAR *) MEMPCPY (newp->str, startp, p - startp)) = L('\0'); \
330
+ newp = malloc (slen); \
331
+ if (newp == NULL) \
338
+ newp->malloced = malloced; \
339
+ *((CHAR *) MEMPCPY (newp->str, startp, p - startp)) = L('\0'); \
343
@@ -1140,8 +1158,9 @@ EXT (INT opt, const CHAR *pattern, const
347
- if (FCT (p, string, string_end, no_leading_period, flags, NULL) == 0)
349
+ if (FCT (p, string, string_end, no_leading_period, flags, NULL,
355
@@ -1152,7 +1171,7 @@ EXT (INT opt, const CHAR *pattern, const
357
if (FCT (list->str, string, rs, no_leading_period,
358
flags & FNM_FILE_NAME ? flags : flags & ~FNM_PERIOD,
360
+ NULL, alloca_used) == 0
361
/* This was successful. Now match the rest with the rest
363
&& (FCT (p, rs, string_end,
364
@@ -1160,7 +1179,7 @@ EXT (INT opt, const CHAR *pattern, const
366
: rs[-1] == '/' && NO_LEADING_PERIOD (flags) ? 1 : 0,
367
flags & FNM_FILE_NAME
368
- ? flags : flags & ~FNM_PERIOD, NULL) == 0
369
+ ? flags : flags & ~FNM_PERIOD, NULL, alloca_used) == 0
370
/* This didn't work. Try the whole pattern. */
372
&& FCT (pattern - 1, rs, string_end,
373
@@ -1169,18 +1188,21 @@ EXT (INT opt, const CHAR *pattern, const
374
: (rs[-1] == '/' && NO_LEADING_PERIOD (flags)
376
flags & FNM_FILE_NAME
377
- ? flags : flags & ~FNM_PERIOD, NULL) == 0)))
378
+ ? flags : flags & ~FNM_PERIOD, NULL,
379
+ alloca_used) == 0)))
380
/* It worked. Signal success. */
384
while ((list = list->next) != NULL);
386
/* None of the patterns lead to a match. */
387
- return FNM_NOMATCH;
388
+ retval = FNM_NOMATCH;
392
- if (FCT (p, string, string_end, no_leading_period, flags, NULL) == 0)
394
+ if (FCT (p, string, string_end, no_leading_period, flags, NULL,
400
@@ -1192,13 +1214,14 @@ EXT (INT opt, const CHAR *pattern, const
401
if (FCT (STRCAT (list->str, p), string, string_end,
403
flags & FNM_FILE_NAME ? flags : flags & ~FNM_PERIOD,
405
+ NULL, alloca_used) == 0)
406
/* It worked. Signal success. */
409
while ((list = list->next) != NULL);
411
/* None of the patterns lead to a match. */
412
- return FNM_NOMATCH;
413
+ retval = FNM_NOMATCH;
417
for (rs = string; rs <= string_end; ++rs)
418
@@ -1208,7 +1231,7 @@ EXT (INT opt, const CHAR *pattern, const
419
for (runp = list; runp != NULL; runp = runp->next)
420
if (FCT (runp->str, string, rs, no_leading_period,
421
flags & FNM_FILE_NAME ? flags : flags & ~FNM_PERIOD,
423
+ NULL, alloca_used) == 0)
426
/* If none of the patterns matched see whether the rest does. */
427
@@ -1218,21 +1241,34 @@ EXT (INT opt, const CHAR *pattern, const
429
: rs[-1] == '/' && NO_LEADING_PERIOD (flags) ? 1 : 0,
430
flags & FNM_FILE_NAME ? flags : flags & ~FNM_PERIOD,
432
+ NULL, alloca_used) == 0))
433
/* This is successful. */
438
/* None of the patterns together with the rest of the pattern
440
- return FNM_NOMATCH;
441
+ retval = FNM_NOMATCH;
445
assert (! "Invalid extended matching operator");
454
+ while (list != NULL)
456
+ struct patternlist *old = list;