[svn] gcry - r1211 - branches/LIBGCRYPT-1-2-BRANCH/src
svn author wk
cvs at cvs.gnupg.org
Mon Feb 12 15:05:42 CET 2007
Author: wk
Date: 2007-02-12 15:05:42 +0100 (Mon, 12 Feb 2007)
New Revision: 1211
Modified:
branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
branches/LIBGCRYPT-1-2-BRANCH/src/gcrypt.h.in
branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c
Log:
2007-02-12 Werner Koch <wk at g10code.com>
* gcrypt.h.in: Include stdlib.h for the sake of the threading
macros. Suggested by Andreas Metzler.
2007-02-04 Werner Koch <wk at g10code.com>
* secmem.c (ptr_into_pool_p): New.
(_gcry_private_is_secure): Implement in terms of new function.
(BLOCK_VALID): Removed. Replaced all users by new function.
Modified: branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog 2007-02-12 14:03:48 UTC (rev 1210)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog 2007-02-12 14:05:42 UTC (rev 1211)
@@ -1,3 +1,14 @@
+2007-02-12 Werner Koch <wk at g10code.com>
+
+ * gcrypt.h.in: Include stdlib.h for the sake fo the trheading
+ macros. Suggested by Andreas Metzler.
+
+2007-02-04 Werner Koch <wk at g10code.com>
+
+ * secmem.c (ptr_into_pool_p): New.
+ (_gcry_private_is_secure): Implement in terms of new function.
+ (BLOCK_VALID): Removed. Replaced all users by new function.
+
2007-02-01 Werner Koch <wk at g10code.com>
* secmem.c (_gcry_private_is_secure): Trapped by gcc, void* has a
Modified: branches/LIBGCRYPT-1-2-BRANCH/src/gcrypt.h.in
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/gcrypt.h.in 2007-02-12 14:03:48 UTC (rev 1210)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/gcrypt.h.in 2007-02-12 14:05:42 UTC (rev 1211)
@@ -23,6 +23,7 @@
#ifndef _GCRYPT_H
#define _GCRYPT_H
+#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
Modified: branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c 2007-02-12 14:03:48 UTC (rev 1210)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c 2007-02-12 14:05:42 UTC (rev 1211)
@@ -98,10 +98,21 @@
#define ADDR_TO_BLOCK(addr) \
(memblock_t *) ((char *) addr - BLOCK_HEAD_SIZE)
-/* Check wether MB is a valid block. */
-#define BLOCK_VALID(mb) \
- (((char *) mb - (char *) pool) < pool_size)
+/* Check whether P points into the pool. */
+static int
+ptr_into_pool_p (const void *p)
+{
+ /* We need to convert pointers to addresses. This is required by
+ C-99 6.5.8 to avoid undefeined behavious. Using size_t is at
+ least only implementation defined. See also
+ http://lists.gnupg.org/pipermail/gcrypt-devel/2007-February/001102.html
+ */
+ size_t p_addr = (size_t)p;
+ size_t pool_addr = (size_t)pool;
+ return p_addr >= pool_addr && p_addr < pool_addr+pool_size;
+}
+
/* Update the stats. */
static void
stats_update (size_t add, size_t sub)
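Review bot: The upper bound in `ptr_into_pool_p` is computed as `pool_addr+pool_size`, which can in principle wrap around if the pool sits near the top of the address space, and the range test would then reject every pointer. Writing it as `return p_addr >= pool_addr && p_addr - pool_addr < pool_size;` gives the same answer without the addition. The conversion goes through `size_t`, which C99 does not guarantee to be wide enough to hold a pointer; `uintptr_t` from `<stdint.h>` is the type meant for this where the platform provides it. The new comment also has two typos: "undefeined behavious" should read "undefined behaviour".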
@@ -126,7 +137,7 @@
mb_next = (memblock_t *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size);
- if (! BLOCK_VALID (mb_next))
+ if (! ptr_into_pool_p (mb_next))
mb_next = NULL;
return mb_next;
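Review bot: `ptr_into_pool_p (mb_next)` only proves that the first byte of the candidate block lies inside the pool, not that a whole `memblock_t` header fits before the pool ends. If `mb->size` has been corrupted, for example by an overflow from a neighbouring secure-memory allocation, `mb_next` can land within the last `BLOCK_HEAD_SIZE` bytes and the caller's reads of `mb->flags` and `mb->size` then run past the pool. A defensive form is `if (! ptr_into_pool_p (mb_next) || (size_t)((char *) pool + pool_size - (char *) mb_next) < BLOCK_HEAD_SIZE)`. The same start-address-only check is used by the loops in the hunks at old lines 182, 205 and 639. The enclosing function, presumably `mb_get_next`, starts outside this hunk, so whether `mb->size` is validated earlier cannot be seen here.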
@@ -182,7 +193,7 @@
{
memblock_t *mb, *mb_split;
- for (mb = block; BLOCK_VALID (mb); mb = mb_get_next (mb))
+ for (mb = block; ptr_into_pool_p (mb); mb = mb_get_next (mb))
if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size)
{
/* Found a free block. */
@@ -205,7 +216,7 @@
break;
}
- if (! BLOCK_VALID (mb))
+ if (! ptr_into_pool_p (mb))
mb = NULL;
return mb;
@@ -587,9 +598,7 @@
int
_gcry_private_is_secure (const void *p)
{
- return (pool_okay
- && p >= pool
- && p < (void*)((char*)pool+pool_size));
+ return pool_okay && ptr_into_pool_p (p);
}
@@ -639,7 +648,7 @@
SECMEM_LOCK;
for (i = 0, mb = (memblock_t *) pool;
- BLOCK_VALID (mb);
+ ptr_into_pool_p (mb);
mb = mb_get_next (mb), i++)
log_info ("SECMEM: [%s] block: %i; size: %i\n",
(mb->flags & MB_FLAG_ACTIVE) ? "used" : "free",