Import reallocarray() from libX11 (originally from OpenBSD)

Wrapper for realloc() that checks for overflow when multiplying
arguments together, so we don't have to add overflow checks to
every single call.  For documentation on usage, see:
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/calloc.3

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

4 files changed, 58 insertions, 2 deletions

diff --git a/configure.ac b/configure.ac
index 2248380..133ee27 100644
--- a/configure.ac
+++ b/configure.ac
@@ -53,6 +53,7 @@ XTRANS_CONNECTION_FLAGS
 
 # Checks for library functions.
 AC_CHECK_FUNCS([strlcpy strnlen])
+AC_REPLACE_FUNCS([reallocarray])
 
 # Allow checking code with lint, sparse, etc.
 XORG_WITH_LINT
diff --git a/src/FSlibos.h b/src/FSlibos.h
index baf9902..c09d36d 100644
--- a/src/FSlibos.h
+++ b/src/FSlibos.h
@@ -54,6 +54,7 @@ in this Software without prior written authorization from The Open Group.
  */
 
 #include <X11/Xfuncs.h>
+#include <X11/Xfuncproto.h>
 #include <X11/Xosdefs.h>
 
 #ifndef WIN32
@@ -270,6 +271,11 @@ typedef fd_set FdSet;
 #define UnlockDisplay(dis)
 #define FSfree(ptr) free((ptr))
 
+#ifndef HAVE_REALLOCARRAY
+extern _X_HIDDEN void *fsreallocarray(void *optr, size_t nmemb, size_t size);
+# define reallocarray(ptr, n, size) \
+    fsreallocarray((ptr), (size_t)(n), (size_t)(size))
+#endif
 
 /*
  * Note that some machines do not return a valid pointer for malloc(0), in
@@ -278,16 +284,22 @@ typedef fd_set FdSet;
  * FSlib code expects malloc(0) to return a valid pointer to storage.
  */
 
-#ifdef MALLOC_0_RETURNS_NULL
+#if defined(MALLOC_0_RETURNS_NULL) || defined(__clang_analyzer__)
 # define FSmalloc(size) malloc(((size) > 0 ? (size) : 1))
 # define FSrealloc(ptr, size) realloc((ptr), ((size) > 0 ? (size) : 1))
 # define FScalloc(nelem, elsize) calloc(((nelem) > 0 ? (nelem) : 1), (elsize))
+# define FSreallocarray(ptr, n, size) \
+    reallocarray((ptr), ((n) == 0 ? 1 : (n)), size)
 
 #else
 
 # define FSmalloc(size) malloc((size))
 # define FSrealloc(ptr, size) realloc((ptr), (size))
 # define FScalloc(nelem, elsize) calloc((nelem), (elsize))
+# define FSreallocarray(ptr, n, size) reallocarray((ptr), (n), (size))
+
 #endif
 
+#define FSmallocarray(n, size) FSreallocarray(NULL, (n), (size))
+
 #define SearchString(string, char) index((string), (char))
diff --git a/src/Makefile.am b/src/Makefile.am
index 56fd0db..327be0a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -38,7 +38,7 @@ AM_CFLAGS = 			\
 
 AM_CPPFLAGS = -I$(top_srcdir)/include/X11/fonts
 
-libFS_la_LIBADD = $(FS_LIBS)
+libFS_la_LIBADD = $(LTLIBOBJS) $(FS_LIBS)
 
 libFS_la_LDFLAGS = -export-symbols-regex '^FS.*' -version-number 6:0:0 -no-undefined
 
diff --git a/src/reallocarray.c b/src/reallocarray.c
new file mode 100644
index 0000000..aef3843
--- /dev/null
+++ b/src/reallocarray.c
@@ -0,0 +1,43 @@
+/*	$OpenBSD: reallocarray.c,v 1.2 2014/12/08 03:45:00 bcook Exp $	*/
+/*
+ * Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <sys/types.h>
+#include <errno.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include "FSlibos.h"
+
+/*
+ * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
+ * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
+ */
+#define MUL_NO_OVERFLOW	((size_t)1 << (sizeof(size_t) * 4))
+
+void *
+fsreallocarray(void *optr, size_t nmemb, size_t size)
+{
+	if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
+	    nmemb > 0 && SIZE_MAX / nmemb < size) {
+		errno = ENOMEM;
+		return NULL;
+	}
+	return realloc(optr, size * nmemb);
+}