From df77fc8de8cf8aa17ce98e8a09e478e2688359bf Mon Sep 17 00:00:00 2001
From: apio
Date: Wed, 2 Aug 2023 14:47:58 +0200
Subject: [PATCH] libluna: Remove make_array() and destroy_array()

Placement new on arrays is a bit unreliable and could cause out-of-bounds data accesses.
---
 kernel/src/arch/x86_64/disk/ATA.cpp | 4 ++--
 kernel/src/fs/GPT.cpp | 4 ++--
 kernel/src/fs/ext2/Inode.cpp | 4 ++--
 libluna/include/luna/Alloc.h | 12 ------------
 libos/src/FileSystem.cpp | 5 ++---
 5 files changed, 8 insertions(+), 21 deletions(-)

diff --git a/kernel/src/arch/x86_64/disk/ATA.cpp b/kernel/src/arch/x86_64/disk/ATA.cpp
index a0026c3f..7dc03484 100644
--- a/kernel/src/arch/x86_64/disk/ATA.cpp
+++ b/kernel/src/arch/x86_64/disk/ATA.cpp
@@ -754,8 +754,8 @@ Result ATADevice::read(u8* buf, usize offset, usize size) const
 ScopedKMutexLock<100> lock(m_drive->channel()->lock());
 
 // FIXME: Don't always allocate this if we don't need it.
- auto* temp = TRY(make_array(block_size));
- auto guard = make_scope_guard([temp] { delete[] temp; });
+ auto* temp = (u8*)TRY(malloc_impl(block_size));
+ auto guard = make_scope_guard([temp] { free_impl(temp); });
 
 if (offset % block_size)
 {
diff --git a/kernel/src/fs/GPT.cpp b/kernel/src/fs/GPT.cpp
index 9a5c1d78..e3556a5f 100644
--- a/kernel/src/fs/GPT.cpp
+++ b/kernel/src/fs/GPT.cpp
@@ -41,8 +41,8 @@ namespace GPT
 u32 partition_index = 1;
 
- auto* table = TRY(make_array(header.num_partitions));
- auto guard = make_scope_guard([table] { delete[] table; });
+ auto* table = (PartitionEntry*)TRY(calloc_impl(header.num_partitions, sizeof(PartitionEntry)));
+ auto guard = make_scope_guard([table] { free_impl(table); });
 
 nread = TRY(device->read((u8*)table, partition_table_start, sizeof(PartitionEntry) * header.num_partitions));
 check(nread == sizeof(PartitionEntry) * header.num_partitions);
diff --git a/kernel/src/fs/ext2/Inode.cpp b/kernel/src/fs/ext2/Inode.cpp
index 261adcab..872195c5 100644
--- a/kernel/src/fs/ext2/Inode.cpp
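Review bot: `temp` is now allocated with `malloc_impl`, so unlike the `calloc_impl`-backed buffers in the GPT.cpp, Inode.cpp and FileSystem.cpp hunks (and unlike the removed `make_array`, which went through `calloc_impl`) it holds whatever the heap last contained. If any path in the rest of `read()` copies from `temp` into the caller's `buf` after a short or failed device read, those stale kernel-heap bytes would be handed back to the caller; the body continues outside the hunk so I cannot confirm that path exists, but `auto* temp = static_cast<u8*>(TRY(calloc_impl(block_size, 1)));` matches the other call sites and removes the question. The same line also introduces a C-style `(u8*)` cast, as do the `(PartitionEntry*)`, `(u8*)` and `(char*)` casts in the GPT.cpp, Inode.cpp and FileSystem.cpp hunks; `static_cast` is the greppable form, assuming `malloc_impl`/`calloc_impl` yield a `void*`.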
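Review bot: The allocation size on the `calloc_impl` line is `header.num_partitions * sizeof(PartitionEntry)` with `num_partitions` taken straight from the on-disk header, and nothing in the hunk bounds it before the allocation, so a corrupt or crafted header can request an arbitrarily large table (whether `calloc_impl` guards the count×size multiplication against overflow is not visible here). A sanity check against an upper limit before this line, failing the parse instead of allocating, would keep a bad disk from exhausting kernel memory. Separately, `table` is now a cast of zeroed raw memory rather than the array that `make_array` placement-new-constructed, so the code relies on `PartitionEntry` being a trivial type; a static assertion next to its definition would pin that down. The enclosing function starts before the hunk.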
+++ b/kernel/src/fs/ext2/Inode.cpp
@@ -91,8 +91,8 @@ namespace Ext2
 const usize inode_size = m_metadata.size;
 const usize block_size = m_fs->m_block_size;
 
- u8* const buf = TRY(make_array(block_size));
- auto guard = make_scope_guard([buf] { delete[] buf; });
+ u8* const buf = (u8*)TRY(calloc_impl(block_size, 1));
+ auto guard = make_scope_guard([buf] { free_impl(buf); });
 
 m_entries.clear();
diff --git a/libluna/include/luna/Alloc.h b/libluna/include/luna/Alloc.h
index 1e89feb6..a6e0dfb5 100644
--- a/libluna/include/luna/Alloc.h
+++ b/libluna/include/luna/Alloc.h
@@ -10,19 +10,7 @@ template [[nodiscard]] Result make(Args... args)
 return result;
 }
 
-template [[nodiscard]] Result make_array(usize count)
-{
- T* const result = (T*)TRY(calloc_impl(count, sizeof(T)));
- new (result) T[count];
- return result;
-}
-
 template void destroy(T* item)
 {
 delete item;
 }
-
-template void destroy_array(T* item)
-{
- delete[] item;
-}
diff --git a/libos/src/FileSystem.cpp b/libos/src/FileSystem.cpp
index 4c753d45..1c2e4a9d 100644
--- a/libos/src/FileSystem.cpp
+++ b/libos/src/FileSystem.cpp
@@ -82,12 +82,11 @@ namespace os::FileSystem
 TRY(stat(path, st, false));
 
 if (!S_ISLNK(st.st_mode)) return String {};
 
- char* buf = TRY(make_array(st.st_size + 1));
- auto guard = make_scope_guard([buf] { delete[] buf; });
+ char* buf = (char*)TRY(calloc_impl(st.st_size + 1, 1));
+ auto guard = make_scope_guard([buf] { free_impl(buf); });
 
 usize nread = TRY(
 Result::from_syscall(syscall(SYS_readlinkat, path.dirfd(), path.name().chars(), buf, st.st_size)));
- buf[nread] = '\0';
 guard.deactivate();
 return String { buf, nread };
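Review bot: Removing `buf[nread] = '\0'` makes NUL termination depend on two facts that are now implicit: `calloc_impl` zero-fills, and `readlinkat` is passed `st.st_size`, so at most `st.st_size` bytes are written and `buf[st.st_size]` stays zero. That reasoning holds as far as the hunk shows, but it deserves a comment on the `calloc_impl` line, e.g. `// calloc_impl zero-fills and readlinkat writes at most st.st_size bytes, so buf stays NUL-terminated`, because a later switch to `malloc_impl` (as the ATA.cpp hunk does for its buffer) would silently drop the terminator that `String { buf, nread }` presumably relies on. Note also that `st.st_size` comes from a separate `stat` call, so a link target that grows between the two calls is silently truncated to the old length; that predates this change, but it is worth a comment as well since the terminator now lives at exactly that boundary.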