Add xmallocz()

Add routine for allocating NUL-terminated memory block without risking
integer overflow in addition of +1 for NUL byte.

[jc: with suggestion from Bill Lear]

Signed-off-by: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/git-compat-util.h b/git-compat-util.h
index ef6080338480f509e720a484998c286ae1814b0a..31e2ef9e9e49947f9665bc573fc132d18b0c2137 100644 (file)
--- a/git-compat-util.h
+++ b/git-compat-util.h
@@ -343,6 +343,7 @@ extern void release_pack_memory(size_t, int);
 
 extern char *xstrdup(const char *str);
 extern void *xmalloc(size_t size);
+extern void *xmallocz(size_t size);
 extern void *xmemdupz(const void *data, size_t len);
 extern char *xstrndup(const char *str, size_t len);
 extern void *xrealloc(void *ptr, size_t size);

diff --git a/wrapper.c b/wrapper.c
index c9be1400c005e25b003acecc0cb037dd2f07e56f..0e3e20a3fd38f6f99da44483ee0bb9753f2b217a 100644 (file)
--- a/wrapper.c
+++ b/wrapper.c
@@ -34,6 +34,16 @@ void *xmalloc(size_t size)
        return ret;
 }
 
+void *xmallocz(size_t size)
+{
+       void *ret;
+       if (size + 1 < size)
+               die("Data too large to fit into virtual memory space.");
+       ret = xmalloc(size + 1);
+       ((char*)ret)[size] = 0;
+       return ret;
+}
+
 /*
  * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
  * "data" to the allocated memory, zero terminates the allocated memory,
@@ -42,10 +52,7 @@ void *xmalloc(size_t size)
  */
 void *xmemdupz(const void *data, size_t len)
 {
-       char *p = xmalloc(len + 1);
-       memcpy(p, data, len);
-       p[len] = '\0';
-       return p;
+       return memcpy(xmallocz(len), data, len);
 }
 
 char *xstrndup(const char *str, size_t len)