Commit 14035010 authored by Daniel P. Berrangé's avatar Daniel P. Berrangé

glib: ensure consistent abort-on-OOM with g_vasprintf & its callers

The g_vasprintf method is called by g_strdup_vprintf, g_strdup_printf,
g_string_append_vprintf and more. It has three different implementations
depending on what the build target platform supports:

  1. The gnulib impl appears to use the system malloc, but a
     '#define malloc g_malloc' causes it to use GLib's wrapper
     and thus abort on OOM. This mostly gets used on Windows
     platforms or UNIX platforms with broken printf formatting.

  2. The main impl mostly used on modern Linux/UNIX calls the
     system vasprintf which uses the system malloc and does not
     abort on OOM.

  3. The final impl used on remaining platforms calls system
     vsprintf on a buffer allocated by g_new, and thus always
     aborts on OOM.

Of note is that impl 2 (using vasprintf) historically could abort on
OOM, if the application had installed a non-system malloc impl with
GLib. This was because the code would g_strndup the result from
vasprintf() in that scenario. This was removed in:

  commit a3660532
  Author: Dan Winship <danw@gnome.org>
  Date:   Fri Aug 7 09:46:49 2015 -0400

    glib: remove deprecated g_mem_is_system_malloc() check in gprintf.c

Having inconsistent OOM behaviour for the three impls is undesirable and
aborting on OOM is normal pratice for GLib APIs. Thus we must thus ensure
this happens in all impls of g_vasprintf.

Fixes #1622Signed-off-by: default avatarDaniel P. Berrangé <berrange@redhat.com>
parent c88f1064
......@@ -20,6 +20,7 @@
#include <stdarg.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include "gprintf.h"
#include "gprintfint.h"
......@@ -327,9 +328,18 @@ g_vasprintf (gchar **string,
#elif defined (HAVE_VASPRINTF)
len = vasprintf (string, format, args);
if (len < 0)
*string = NULL;
{
int saved_errno;
len = vasprintf (string, format, args);
saved_errno = errno;
if (len < 0)
{
if (saved_errno == ENOMEM)
g_error ("%s: failed to allocate memory", G_STRLOC);
else
*string = NULL;
}
}
#else
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment