Ticket #572 (new defect)

Opened 4 years ago

getbuf does not always check buffer size

Reported by: kevin
Owned by: somebody
Priority: major
Milestone:
Component: q3302ew
Version: 7.9
Keywords:
Cc:

Description

23 May 2017

I think the current code fixes James' problem. However, I think getbuf() has another bug: it does not check (near line 200) whether the next buffer in the chain is at least size bytes, whereas the code which allocates a new buffer when the chain has been exhausted does check size to be sure the memory block allocated will be large enough.

The fix is not simple, since advancing through the chain to look for a large enough memory block effectively orphans any memory blocks that are skipped. The whole point of getbuf() seems to be to conserve memory, not waste it. (Actually, I bet the C library already does a good enough job that getbuf() could simply be a C macro that calls calloc().)

> void getbuf (pq330 q330, pointer *p, integer size)
> begin
>   pbyte newblock ;
>   pmem_manager pm ;
>
>   pm = q330->cur_memory ;
>
>   size = (size + 3) and 0xFFFFFFFC ; /* make multiple of longword */
>   if ((pm->sofar + size) > pm->alloc_size)
>     then
>       begin /* need a new block of memory */
>         if (q330->cur_memory->next)
>           then
>             begin /* already available from before */
>               q330->cur_memory = q330->cur_memory->next ;
>               q330->cur_memory->sofar = 0 ;
>             end
>           else
>             begin /* need new allocation */
>               pm->next = malloc (sizeof(tmem_manager)) ;
>               pm = pm->next ;
>               pm->next = NIL ;
>               if (size > DEFAULT_MEM_INC)
>                 then
>                   pm->alloc_size = size ;
>                 else
>                   pm->alloc_size = DEFAULT_MEM_INC ;
>               pm->sofar = 0 ;
>               pm->base = malloc (pm->alloc_size) ;
>               q330->cur_memory = pm ;
>             end
>       end
>   newblock = q330->cur_memory->base ;
>   incn(newblock, q330->cur_memory->sofar) ;
>   q330->cur_memory->sofar = q330->cur_memory->sofar + size ;
>   memset (newblock, 0, size) ; /* make sure is zeroed out */
>   *p = newblock ;
> end

Larry Baker
US Geological Survey
650-329-5608
baker@usgs.gov
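
One way to close the gap described in the ticket, as an added example in plain C (not code from the ticket or from the library): a queued block is reused only if it can hold the request, and otherwise a new block is spliced in front of it so the smaller block stays in the chain. The names mem_block, new_block, getbuf_checked and demo_block_size_for are hypothetical, and DEFAULT_MEM_INC is set to a small constructed value for the demonstration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define DEFAULT_MEM_INC 64u   /* constructed value, kept small for the demo */

typedef struct mem_block {    /* hypothetical stand-in for tmem_manager */
    struct mem_block *next;
    size_t alloc_size, sofar;
    unsigned char *base;
} mem_block;
static mem_block *new_block(size_t size, mem_block *next) {
    mem_block *b = malloc(sizeof *b);
    if (!b) return NULL;
    b->alloc_size = size > DEFAULT_MEM_INC ? size : DEFAULT_MEM_INC;
    b->base = malloc(b->alloc_size);
    if (!b->base) { free(b); return NULL; }
    b->sofar = 0; b->next = next;
    return b;
}

/* Returns zeroed memory of at least `size` bytes, or NULL on failure. */
void *getbuf_checked(mem_block **cur, size_t size) {
    mem_block *pm = *cur;
    if (size > SIZE_MAX - 3) return NULL;          /* rounding would wrap */
    size = (size + 3) & ~(size_t)3;                /* multiple of longword */
    if (size > pm->alloc_size - pm->sofar) {       /* current block is full */
        if (pm->next && pm->next->alloc_size >= size) {
            pm = pm->next; pm->sofar = 0;          /* reuse only if big enough */
        } else {   /* splice in front of the too-small block: not orphaned */
            mem_block *nb = new_block(size, pm->next);
            if (!nb) return NULL;
            pm = pm->next = nb;
        }
        *cur = pm;
    }
    pm->sofar += size;
    return memset(pm->base + pm->sofar - size, 0, size);
}

/* Constructed scenario: head block nearly full, a default-size block queued.
   Returns the size of the block that served the request, 0 on failure. */
size_t demo_block_size_for(size_t request) {
    mem_block *tail = new_block(DEFAULT_MEM_INC, NULL);
    mem_block *head = new_block(DEFAULT_MEM_INC, tail);
    if (!tail || !head) return 0;
    mem_block *cur = head; head->sofar = 60;       /* 4 bytes left in head */
    if (!getbuf_checked(&cur, request)) return 0;
    return (cur == tail || cur->next == tail) ? cur->alloc_size : 0;
}
int main(void) { return demo_block_size_for(200) == 200 ? 0 : 1; }
```

With the unchecked reuse path, the 200-byte request in this scenario would be zeroed into the queued 64-byte block; here it is served from a 200-byte block and the 64-byte block remains linked behind it.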