pike.git / src / array.c


pike.git/src/array.c:15:   #include "pike_error.h"   #include "pike_types.h"   #include "fsort.h"   #include "builtin_functions.h"   #include "pike_memory.h"   #include "gc.h"   #include "main.h"   #include "cyclic.h"   #include "multiset.h"   #include "mapping.h" + #include "bignum.h"      /** The empty array. */   PMOD_EXPORT struct array empty_array=   {    PIKE_CONSTANT_MEMOBJ_INIT(1, PIKE_T_ARRAY), /* Never free */    0, /* Size = 0 */    0, /* malloced Size = 0 */    0, /* no types */    0, /* no flags */    &weak_empty_array, /* Next */
pike.git/src/array.c:74:    *    * @param size The size of the new array, in elements.    * @param extra_space The number of extra elements space    * should be reserved for.    * @return A pointer to the allocated array struct.    */   PMOD_EXPORT struct array *real_allocate_array(ptrdiff_t size,    ptrdiff_t extra_space)   {    struct array *v; +  size_t length = size;    -  if(size+extra_space == 0) +  if (DO_SIZE_T_ADD_OVERFLOW(length, (size_t)extra_space, &length)) goto TOO_BIG; +  +  if(length == 0)    {    add_ref(&empty_array);    return &empty_array;    }    -  /* Limits size to (1<<29)-4 */ -  if( (size_t)(size+extra_space-1) > -  (LONG_MAX-sizeof(struct array))/sizeof(struct svalue) ) -  Pike_error("Too large array (size %ld exceeds %ld).\n", -  (long)(size+extra_space-1), -  (long)((LONG_MAX-sizeof(struct array))/sizeof(struct svalue)) ); -  v=calloc(sizeof(struct array)+ -  (size+extra_space-1)*sizeof(struct svalue), 1); -  if(!v) -  Pike_error(msg_out_of_mem_2, sizeof(struct array)+ -  (size+extra_space-1)*sizeof(struct svalue)); +  /* +  * Do we really need this limit? +  * - arne +  */ +  if (length > 1U<<29) goto TOO_BIG;    -  GC_ALLOC(v); +  /* struct array contains one svalue already */ +  length --;    -  +  if (DO_SIZE_T_MUL_OVERFLOW(length, sizeof(struct svalue), &length) || +  DO_SIZE_T_ADD_OVERFLOW(length, sizeof(struct array), &length)) goto TOO_BIG;    -  if (size+extra_space) +  v=xcalloc(length, 1); +  +  GC_ALLOC(v); +     /* for now, we don't know what will go in here */    v->type_field = BIT_MIXED | BIT_UNFINISHED; -  else -  v->type_field = 0; -  v->flags=0; +        v->malloced_size = (INT32)(size + extra_space);    v->item=v->real_item;    v->size = (INT32)size;    INIT_PIKE_MEMOBJ(v, T_ARRAY);    DOUBLELINK (first_array, v);       return v; -  + TOO_BIG: +  Pike_error("Too large array (size %ld is too big).\n", length);   }      /**    * Free an array without freeing the values inside it.    
* Any values inside of the array will be kept.    * @param v The array to be freed.    */   static void array_free_no_free(struct array *v)   {    DOUBLEUNLINK (first_array, v);
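Review bot: The `Pike_error` call under `TOO_BIG:` passes `length`, a `size_t`, to a `%ld` conversion, which is a specifier/argument mismatch and undefined behaviour on targets where `long` is narrower than `size_t`; the removed code cast its arguments to `(long)`. By the time control reaches the label, `length` may also no longer be the requested element count: it is decremented and then reused as the output of the `DO_SIZE_T_MUL_OVERFLOW`/`DO_SIZE_T_ADD_OVERFLOW` calls, so the message can show a byte count or, if those macros store on failure (their definition is not visible here), a wrapped value. A negative `size` or `extra_space` also ends up at this label through the conversion to `size_t`, which is a sound rejection but is reported as "too large". I would leave the caller's values untouched and print those, e.g. `Pike_error("Too large array (size %ld, extra space %ld).\n", (long)size, (long)extra_space);`.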