Line 0
1 |
/* Minimal mmap-based malloc/free implementation to be used by libsandbox |
2 |
* internal routines, since we can't trust the current process to have a |
3 |
* malloc/free implementation that is sane and available at all times. |
4 |
*/ |
5 |
|
6 |
#include <stdlib.h> /* malloc()/free() prototypes */ |
7 |
#include <string.h> /* mem*(), strdup() prototype */ |
8 |
|
9 |
#include <sys/mman.h> /* mmap() */ |
10 |
#include <errno.h> |
11 |
#include <limits.h> |
12 |
|
13 |
#include "sandbox.h" |
14 |
|
15 |
static int checked_env = 0; |
16 |
static int env_sandbox_local_malloc = 0; |
17 |
|
18 |
#define check_dlsym(_name) \ |
19 |
{ \ |
20 |
int old_errno = errno; \ |
21 |
if (!true_ ## _name) \ |
22 |
true_ ## _name = get_dlsym(#_name, NULL); \ |
23 |
errno = old_errno; \ |
24 |
} |
25 |
|
26 |
#define SB_MALLOC_TO_MMAP(ptr) ((void*)(((size_t*)ptr) - 1)) |
27 |
#define SB_MMAP_TO_MALLOC(ptr) ((void*)(((size_t*)ptr) + 1)) |
28 |
#define SB_MALLOC_TO_SIZE(ptr) (*((size_t*)SB_MALLOC_TO_MMAP(ptr))) |
29 |
|
30 |
static void *(*true_malloc)(size_t size) = NULL; |
31 |
void *malloc(size_t size) |
32 |
{ |
33 |
if (!checked_env) { |
34 |
env_sandbox_local_malloc = (getenv(ENV_SANDBOX_LOCAL_MALLOC) != NULL); |
35 |
checked_env = 1; |
36 |
} |
37 |
if (!env_sandbox_local_malloc) { |
38 |
check_dlsym(malloc); |
39 |
return true_malloc(size); |
40 |
} else { |
41 |
size_t *ret; |
42 |
size += sizeof(size_t); |
43 |
ret = mmap(0, size, PROT_READ|PROT_WRITE, |
44 |
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); |
45 |
if (ret == MAP_FAILED) |
46 |
return NULL; |
47 |
*ret = size; |
48 |
return SB_MMAP_TO_MALLOC(ret); |
49 |
} |
50 |
} |
51 |
|
52 |
static void (*true_free)(void *ptr) = NULL; |
53 |
void free(void *ptr) |
54 |
{ |
55 |
if (!checked_env) { |
56 |
env_sandbox_local_malloc = (getenv(ENV_SANDBOX_LOCAL_MALLOC) != NULL); |
57 |
checked_env = 1; |
58 |
} |
59 |
if (!env_sandbox_local_malloc) { |
60 |
check_dlsym(free); |
61 |
true_free(ptr); |
62 |
} else { |
63 |
if (ptr == NULL) |
64 |
return; |
65 |
munmap(SB_MALLOC_TO_MMAP(ptr), SB_MALLOC_TO_SIZE(ptr)); |
66 |
} |
67 |
} |
68 |
|
69 |
static void *(*true_calloc)(size_t nmemb, size_t size) = NULL; |
70 |
void *calloc(size_t nmemb, size_t size) |
71 |
{ |
72 |
if (!checked_env) { |
73 |
env_sandbox_local_malloc = (getenv(ENV_SANDBOX_LOCAL_MALLOC) != NULL); |
74 |
checked_env = 1; |
75 |
} |
76 |
if (!env_sandbox_local_malloc) { |
77 |
check_dlsym(calloc); |
78 |
return true_calloc(nmemb, size); |
79 |
} else { |
80 |
void *ret; |
81 |
size_t malloc_size = nmemb * size; |
82 |
ret = malloc(malloc_size); /* dont care about overflow */ |
83 |
if (ret == NULL) |
84 |
return NULL; |
85 |
memset(ret, 0x00, malloc_size); |
86 |
return ret; |
87 |
} |
88 |
} |
89 |
|
90 |
static void *(*true_realloc)(void *ptr, size_t size) = NULL; |
91 |
void *realloc(void *ptr, size_t size) |
92 |
{ |
93 |
if (!checked_env) { |
94 |
env_sandbox_local_malloc = (getenv(ENV_SANDBOX_LOCAL_MALLOC) != NULL); |
95 |
checked_env = 1; |
96 |
} |
97 |
if (!env_sandbox_local_malloc) { |
98 |
check_dlsym(realloc); |
99 |
return true_realloc(ptr, size); |
100 |
} else { |
101 |
void *ret; |
102 |
size_t old_malloc_size; |
103 |
|
104 |
if (ptr == NULL) |
105 |
return malloc(size); |
106 |
if (size == 0) { |
107 |
free(ptr); |
108 |
return ptr; |
109 |
} |
110 |
|
111 |
old_malloc_size = SB_MALLOC_TO_SIZE(ptr); |
112 |
ret = malloc(size); |
113 |
if (ret == NULL) |
114 |
return NULL; |
115 |
memcpy(ret, ptr, (size < old_malloc_size ? size |
116 |
: old_malloc_size)); |
117 |
free(ptr); |
118 |
return ret; |
119 |
} |
120 |
} |
121 |
|
122 |
static char *(*true_strdup)(const char *s) = NULL; |
123 |
#ifdef strdup |
124 |
#undef strdup |
125 |
#endif |
126 |
char *strdup(const char *s) |
127 |
{ |
128 |
if (!checked_env) { |
129 |
env_sandbox_local_malloc = (getenv(ENV_SANDBOX_LOCAL_MALLOC) != NULL); |
130 |
checked_env = 1; |
131 |
} |
132 |
if (!env_sandbox_local_malloc) { |
133 |
check_dlsym(strdup); |
134 |
return true_strdup(s); |
135 |
} else { |
136 |
size_t len; |
137 |
char *ret; |
138 |
|
139 |
if (s == NULL) |
140 |
return NULL; |
141 |
len = strlen(s); |
142 |
ret = malloc(len + 1); |
143 |
if (ret == NULL) |
144 |
return NULL; |
145 |
return memcpy(ret, s, len + 1); |
146 |
} |
147 |
} |
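Review bot: The local-mmap branches of calloc() and malloc() do size arithmetic that can wrap: `nmemb * size` in calloc() (its comment says overflow is ignored) and `size += sizeof(size_t)` in malloc(). A very large request then returns a mapping far smaller than the caller asked for, so the caller's writes (and calloc()'s own accounting) no longer match the real allocation. Both should fail with ENOMEM when the product or sum wraps. realloc() has two further defects in the same branch: `size == 0` frees the block and then returns the now-dangling `ptr` instead of NULL, and `old_malloc_size` is the stored length including the header word, so a growing realloc copies sizeof(size_t) bytes past the old user data, which can fault when the old mapping ends on a page boundary. The fence shows only the changed lines.

```c
/* malloc(), local-mmap branch */
		size_t *ret;
		if (size + sizeof(size_t) < size) {	/* header word would wrap the length */
			errno = ENOMEM;
			return NULL;
		}
		size += sizeof(size_t);
		/* … unchanged: mmap(), MAP_FAILED check, store size, return … */

/* calloc(), local-mmap branch */
		void *ret;
		size_t malloc_size = nmemb * size;
		if (size != 0 && malloc_size / size != nmemb) {	/* product wrapped */
			errno = ENOMEM;
			return NULL;
		}
		/* … unchanged: malloc(), NULL check, memset(), return … */

/* realloc(), local-mmap branch */
		if (size == 0) {
			free(ptr);
			return NULL;	/* never hand back the unmapped pointer */
		}

		/* stored length counts the header word; the user data is that much shorter */
		old_malloc_size = SB_MALLOC_TO_SIZE(ptr) - sizeof(size_t);
		/* … unchanged: malloc(), NULL check, memcpy(), free(), return … */
```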