mem: Fix cornercase bugs.

Author: lorinder

src/csnip/mem.c

@@ -11,13 +11,30 @@
 #include <csnip/err.h>
 #include <csnip/mem.h>
 
-void* csnip_mem_alloc(size_t n, size_t size)
+static inline size_t compute_alloc_amount(size_t n, size_t size)
 {
 	if (size != 0 && SIZE_MAX / size < n) {
 		/* Overflow */
-		return NULL;
+		return 0;
+	}
+	if ((size *= n) == 0) {
+		/* malloc() with 0 size is not guaranteed to return a
+		 * non-NULL pointer, thus we make sure we allocate
+		 * always non-zero amounts.
+		 *
+		 * Also, we use zero to signal an error.
+		 */
+		size = 1;
 	}
-	return malloc(n * size);
+	return size;
+}
+
+void* csnip_mem_alloc(size_t n, size_t size)
+{
+	size_t alloc_sz = compute_alloc_amount(n, size);
+	if (alloc_sz == 0)
+		return NULL;
+	return malloc(alloc_sz);
 }
 
 /* For aligned allocation, we use posix_memalign() if possible, since
@@ -31,22 +48,19 @@ void* csnip_mem_alloc(size_t n, size_t size)
 
 void* csnip_mem_aligned_alloc(size_t nAlign, size_t n, size_t size, int* err_ret)
 {
-	/* Compute the allocation size, taking care of possible overflow */
-	if (size != 0 && SIZE_MAX / size < n) {
-		if (err_ret)
-			*err_ret = csnip_err_RANGE;
-		return NULL;
-	}
-	size *= n;
+	size_t alloc_sz = compute_alloc_amount(n, size);
 
 #if defined(CSNIP_CONF__HAVE_POSIX_MEMALIGN) \
 	|| !defined(CSNIP_CONF__HAVE_ALIGNED_ALLOC)
+	if (nAlign < sizeof(void*))
+		nAlign *= sizeof(void*);
+
 	void* p_ret;
 #ifdef CSNIP_CONF__HAVE_POSIX_MEMALIGN
-	const int err = posix_memalign(&p_ret, nAlign, size);
+	const int err = posix_memalign(&p_ret, nAlign, alloc_sz);
 #else
 	int err = 0;
-	p_ret = memalign(nAlign, size);
+	p_ret = memalign(nAlign, alloc_sz);
 	if (p_ret == NULL)
 		err = errno;
 #endif
@@ -67,18 +81,18 @@ void* csnip_mem_aligned_alloc(size_t nAlign, size_t n, size_t size, int* err_ret
 	return p_ret;
 #else
 	/* use aligned_alloc() */
-	const size_t rem = size % nAlign;
+	const size_t rem = alloc_sz % nAlign;
 	if (rem != 0) {
 		const size_t toadd = nAlign - rem;
 		/* Check for overflow */
-		if (SIZE_MAX - toadd < size) {
+		if (SIZE_MAX - toadd < alloc_sz) {
 			if (err_ret)
 				*err_ret = csnip_err_RANGE;
 			return NULL;
 		}
-		size += toadd;
+		alloc_sz += toadd;
 	}
-	void* p_ret = aligned_alloc(nAlign, size);
+	void* p_ret = aligned_alloc(nAlign, alloc_sz);
 	if (p_ret == NULL && err_ret != 0) {
 		if (errno == ENOMEM) {
 			*err_ret = csnip_err_NOMEM;

src/csnip/mem.h

@@ -81,8 +81,9 @@ void csnip_mem_aligned_free(void* mem);
 /**	Allocate an array with n entries and assign ptr to it.
  *
  *	This is an expression version of mem_Alloc(), hence the -x
- *	suffix.  It assigns the pointer and returns an error value, or 0
- *	in the success case. Generally more convenient to use than
+ *	suffix.  It assigns the pointer and returns 0 in the success
+ *	case.  In the error case, the pointer is set to NULL and an
+ *	error code is returned. Generally more convenient to use than
  *	mem_Alloc.
  */
 #define csnip_mem_Allocx(n, ptr) \

test/CMakeLists.txt

@@ -18,6 +18,7 @@ set(tests_c
 	log_test1.c
 	meanvar_test0.c
 	mem_test0.c
+	mem_test1.c
 	mempool_test0.c
 	ringbuf_test.c
 	ringbuf2_test.c

test/mem_test1.c

@@ -0,0 +1,50 @@
+#include <stdio.h>
+
+#define CSNIP_SHORT_NAMES
+#include <csnip/mem.h>
+#include <csnip/util.h>
+
+static int align_test()
+{
+	int sizes[] = { 0, 1, 10, 100, 1000, 10000, 100000 };
+	int aligns[] =  { 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024 };
+	for (int i = 0; i < Static_len(sizes); ++i) {
+		for (int j = 0; j < Static_len(aligns); ++j) {
+			const int size = sizes[i];
+			const int align = aligns[j]; 
+			printf("Looking at size=%d, align=%d\n", size, align);
+
+			int err = 0;
+			char* p;
+			mem_AlignedAlloc(size, align, p, err);
+			if (err != 0) {
+				fprintf(stderr, "Alloc error: "
+					"size=%d, align=%d: %d\n",
+					sizes[i], aligns[j], err);
+				return -1;
+			}
+
+			Fill_n(p, sizes[i], 1);
+
+			int cnt = 0;
+			for (int e = 0; e < size; ++e) {
+				cnt += p[e];
+			}
+			if (cnt != size) {
+				fprintf(stderr, "Verification failed!\n");
+				return -1;
+			}
+			mem_AlignedFree(p);
+		}
+	}
+
+	return 0;
+}
+
+int main(int argc, char** argv)
+{
+
+	if (align_test() != 0)
+		return 1;
+	return 0;
+}