public inbox for [email protected]
 help / color / mirror / Atom feed
From: Willy Tarreau <[email protected]>
To: Ammar Faizi <[email protected]>
Cc: "Paul E. McKenney" <[email protected]>,
	Alviro Iskandar Setiawan <[email protected]>,
	Nugraha <[email protected]>,
	Linux Kernel Mailing List <[email protected]>,
	GNU/Weeb Mailing List <[email protected]>
Subject: Re: [RFC PATCH v1 6/6] tools/include/string: Implement `strdup()` and `strndup()`
Date: Mon, 21 Mar 2022 08:53:08 +0100	[thread overview]
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>

Hi Ammar,

On Sun, Mar 20, 2022 at 04:37:50PM +0700, Ammar Faizi wrote:
> Add strdup and strndup support. These functions are only available on
> architectures that have my_syscall6() macro from nolibc.
> 
> Signed-off-by: Ammar Faizi <[email protected]>
> ---
>  tools/include/nolibc/string.h | 68 +++++++++++++++++++++++++++++++++++
>  1 file changed, 68 insertions(+)
> 
> diff --git a/tools/include/nolibc/string.h b/tools/include/nolibc/string.h
> index 4554b6fcb400..413c65f7c853 100644
> --- a/tools/include/nolibc/string.h
> +++ b/tools/include/nolibc/string.h
> @@ -9,6 +9,10 @@
>  
>  #include "std.h"
>  
> +static void free(void *ptr);
> +static void *malloc(size_t len);
> +static void *realloc(void *old_ptr, size_t new_size);

Better include the required h files here.

>  /*
>   * As much as possible, please keep functions alphabetically sorted.
>   */
> @@ -127,6 +131,70 @@ size_t nolibc_strlen(const char *str)
>  		nolibc_strlen((str));           \
>  })
>  
> +static __attribute__((unused))
> +char *strdup(const char *str)
> +{
> +	size_t allocated = 2048;
> +	size_t i;
> +	char *ret;
> +	char *tmp;
> +
> +	ret = malloc(allocated);
> +	if (__builtin_expect(!ret, 0))
> +		return NULL;
> +
> +	i = 0;
> +	for (;;) {
> +		char c = *str;
> +		if (!c)
> +			break;
> +
> +		if (i == allocated) {
> +			allocated += 2048;
> +			tmp = realloc(ret, allocated);
> +			if (__builtin_expect(!tmp, 0)) {
> +				free(ret);
> +				return NULL;
> +			}
> +			ret = tmp;
> +		}
> +
> +		ret[i++] = c;
> +		str++;
> +	}
> +
> +	ret[i] = '\0';
> +	return ret;
> +}

This version is suboptimal in terms of code size, CPU usage and memory
usage. And it even seems it contains a buffer overflow: if the string
is exactly a multiple of 2048, it seems to me that you'll write the
trailing zero past the end. Please instead use the more intuitive form
below (not tested but you get the idea):

	size_t len = strlen(str);
	char *ret = malloc(len + 1);
	if (ret)
		memcpy(ret, str, len);
	return ret;

> +static __attribute__((unused))
> +char *strndup(const char *str, size_t maxlen)
> +{
> +	size_t i;
> +	char *ret;
> +
> +	ret = malloc(maxlen + 1);
> +	if (__builtin_expect(!ret, 0))
> +		return NULL;
> +
> +	i = 0;
> +	for (;;) {
> +		char c = *str;
> +		if (!c)
> +			break;
> +
> +		if (i == maxlen)
> +			break;
> +
> +		ret[i++] = c;
> +		str++;
> +	}
> +
> +	ret[i] = '\0';
> +	return ret;
> +}

Here it can cost quite a lot for large values of maxlen. Please just use
a variant of the proposal above like this one:

	size_t len;
	char *ret;

	len = strlen(str);
	if (len > maxlen)
		len = maxlen;
	ret = malloc(len + 1);
	if (ret)
		memcpy(ret, str, len);
	return ret;

Thanks,
Willy

  parent reply	other threads:[~2022-03-21  7:53 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-20  9:37 [RFC PATCH v1 0/6] Add dynamic memory allocator support for nolibc Ammar Faizi
2022-03-20  9:37 ` [RFC PATCH v1 1/6] tools/nolibc: x86-64: Update System V ABI document link Ammar Faizi
2022-03-20  9:37 ` [RFC PATCH v1 2/6] tools/nolibc: Make the entry point not weak for clang Ammar Faizi
2022-03-20 19:16   ` Willy Tarreau
2022-03-21 11:38     ` Ammar Faizi
2022-03-21 17:27       ` Nick Desaulniers
2022-03-20  9:37 ` [RFC PATCH v1 3/6] tools/nolibc: i386: Implement syscall with 6 arguments Ammar Faizi
2022-03-20 10:33   ` Alviro Iskandar Setiawan
2022-03-20 10:42     ` Alviro Iskandar Setiawan
2022-03-20 15:09       ` Ammar Faizi
2022-03-20 13:10   ` David Laight
2022-03-20 14:01     ` Willy Tarreau
2022-03-20 15:04     ` Ammar Faizi
2022-03-20 18:22       ` David Laight
2022-03-20  9:37 ` [RFC PATCH v1 4/6] tools/nolibc/sys: Implement `mmap()` and `munmap()` Ammar Faizi
2022-03-20  9:37 ` [RFC PATCH v1 5/6] tools/nolibc/stdlib: Implement `malloc()`, `calloc()`, `realloc()` and `free()` Ammar Faizi
2022-03-20 15:50   ` Alviro Iskandar Setiawan
2022-03-20 16:10     ` Ammar Faizi
2022-03-20 16:16   ` Willy Tarreau
2022-03-20 16:36     ` Ammar Faizi
2022-03-20 16:46       ` Willy Tarreau
2022-03-20  9:37 ` [RFC PATCH v1 6/6] tools/include/string: Implement `strdup()` and `strndup()` Ammar Faizi
2022-03-20 15:55   ` Alviro Iskandar Setiawan
2022-03-20 16:10     ` Ammar Faizi
2022-03-21  7:53   ` Willy Tarreau [this message]
2022-03-21  8:16     ` Alviro Iskandar Setiawan
2022-03-21  8:51       ` Willy Tarreau
2022-03-21 11:36     ` Ammar Faizi
2022-03-21 11:43       ` Willy Tarreau

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    [email protected] \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox