From 93bcd55eafbcf2a49e8963c3475d5a7b1fbc8c53 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Tue, 12 Aug 2003 00:58:52 +0000 Subject: [PATCH] emalloc -> safe_emalloc --- ext/db/db.c | 30 +++++++++++++++--------------- ext/dom/document.c | 2 +- ext/dom/element.c | 2 +- ext/fbsql/php_fbsql.c | 4 ++-- ext/ftp/ftp.c | 2 +- ext/gd/gd.c | 4 ++-- ext/gd/libgd/gd.c | 4 ++-- ext/imap/php_imap.c | 6 +++--- ext/ingres_ii/ii.c | 2 +- ext/interbase/interbase.c | 18 +++++++++--------- ext/msession/msession.c | 2 +- ext/mssql/php_mssql.c | 14 +++++++------- ext/mysql/php_mysql.c | 4 ++-- ext/mysqli/mysqli_api.c | 10 +++++----- ext/mysqli/mysqli_profiler.c | 6 +++--- ext/oci8/oci8.c | 6 +++--- ext/odbc/php_odbc.c | 4 ++-- ext/oracle/oracle.c | 2 +- ext/ovrimos/ovrimos.c | 2 +- ext/pfpro/pfpro.c | 4 ++-- ext/session/session.c | 2 +- ext/sockets/sockets.c | 8 ++++---- ext/sybase/php_sybase_db.c | 8 ++++---- ext/sybase_ct/php_sybase_ct.c | 20 ++++++++++---------- ext/w32api/w32api.c | 6 +++--- ext/wddx/wddx.c | 6 +++--- ext/xml/xml.c | 6 +++--- ext/xsl/xsltprocessor.c | 4 ++-- main/network.c | 2 +- win32/select.c | 2 +- 30 files changed, 96 insertions(+), 96 deletions(-) diff --git a/ext/db/db.c b/ext/db/db.c index 63da0f73b8..db6cde12c7 100644 --- a/ext/db/db.c +++ b/ext/db/db.c @@ -637,7 +637,7 @@ char *php_dbm_fetch(dbm_info *info, char *key TSRMLS_DC) value_datum = DBM_FETCH(dbf, key_datum); if (value_datum.dptr) { - ret = (char *)emalloc(sizeof(char) * value_datum.dsize + 1); + ret = (char *)safe_emalloc(sizeof(char), value_datum.dsize, 1); strncpy(ret, value_datum.dptr, value_datum.dsize); ret[value_datum.dsize] = '\0'; @@ -806,7 +806,7 @@ char *php_dbm_first_key(dbm_info *info TSRMLS_DC) { if (!ret_datum.dptr) return NULL; - ret = (char *)emalloc((ret_datum.dsize + 1) * sizeof(char)); + ret = (char *)safe_emalloc((ret_datum.dsize + 1), sizeof(char), 0); strncpy(ret, ret_datum.dptr, ret_datum.dsize); ret[ret_datum.dsize] = '\0'; @@ -873,7 +873,7 @@ char *php_dbm_nextkey(dbm_info *info, char *key TSRMLS_DC) ret_datum = DBM_NEXTKEY(dbf, key_datum); if (ret_datum.dptr) { - ret = (char *)emalloc(sizeof(char) * ret_datum.dsize + 1); + ret = (char *)safe_emalloc(sizeof(char), ret_datum.dsize, 1); strncpy(ret, ret_datum.dptr, ret_datum.dsize); ret[ret_datum.dsize] = '\0'; #if GDBM @@ -935,7 +935,7 @@ datum flatfile_fetch(FILE *dbf, datum key_datum) { char *buf; if (flatfile_findkey(dbf, key_datum)) { - buf = emalloc((buf_size+1) * sizeof(char)); + buf = safe_emalloc((buf_size+1), sizeof(char), 0); if (fgets(buf, 15, dbf)) { num = atoi(buf); if (num > buf_size) { @@ -963,7 +963,7 @@ int flatfile_delete(FILE *dbf, datum key_datum) { rewind(dbf); - buf = emalloc((buf_size + 1)*sizeof(char)); + buf = safe_emalloc((buf_size + 1), sizeof(char), 0); while(!feof(dbf)) { /* read in the length of the key name */ if (!fgets(buf, 15, dbf)) @@ -996,7 +996,7 @@ int flatfile_delete(FILE *dbf, datum key_datum) { if (num > buf_size) { buf_size+=num; if (buf) efree(buf); - buf = emalloc((buf_size+1)*sizeof(char)); + buf = safe_emalloc((buf_size+1), sizeof(char), 0); } /* read in the value */ num = fread(buf, sizeof(char), num, dbf); @@ -1019,14 +1019,14 @@ int flatfile_findkey(FILE *dbf, datum key_datum) { int size = key_datum.dsize; rewind(dbf); - buf = emalloc((buf_size+1)*sizeof(char)); + buf = safe_emalloc((buf_size+1), sizeof(char), 0); while (!feof(dbf)) { if (!fgets(buf, 15, dbf)) break; num = atoi(buf); if (num > buf_size) { if (buf) efree(buf); buf_size+=num; - buf = emalloc((buf_size+1)*sizeof(char)); + buf = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf, sizeof(char), num, dbf); if (num<0) break; @@ -1043,7 +1043,7 @@ int flatfile_findkey(FILE *dbf, datum key_datum) { if (num > buf_size) { if (buf) efree(buf); buf_size+=num; - buf = emalloc((buf_size+1)*sizeof(char)); + buf = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf, sizeof(char), num, dbf); if (num<0) break; @@ -1062,14 +1062,14 @@ datum flatfile_firstkey(FILE *dbf) { int buf_size=1024; rewind(dbf); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); while(!feof(dbf)) { if (!fgets(buf.dptr, 15, dbf)) break; num = atoi(buf.dptr); if (num > buf_size) { buf_size+=num; if (buf.dptr) efree(buf.dptr); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf.dptr, sizeof(char), num, dbf); if (num<0) break; @@ -1083,7 +1083,7 @@ datum flatfile_firstkey(FILE *dbf) { if (num > buf_size) { buf_size+=num; if (buf.dptr) efree(buf.dptr); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf.dptr, sizeof(char), num, dbf); if (num<0) break; @@ -1102,14 +1102,14 @@ datum flatfile_nextkey(FILE *dbf) { int buf_size=1024; fseek(dbf, CurrentFlatFilePos, SEEK_SET); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); while(!feof(dbf)) { if (!fgets(buf.dptr, 15, dbf)) break; num = atoi(buf.dptr); if (num > buf_size) { buf_size+=num; if (buf.dptr) efree(buf.dptr); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf.dptr, sizeof(char), num, dbf); if (num<0) break; @@ -1118,7 +1118,7 @@ datum flatfile_nextkey(FILE *dbf) { if (num > buf_size) { buf_size+=num; if (buf.dptr) efree(buf.dptr); - buf.dptr = emalloc((buf_size+1)*sizeof(char)); + buf.dptr = safe_emalloc((buf_size+1), sizeof(char), 0); } num = fread(buf.dptr, sizeof(char), num, dbf); if (num<0) break; diff --git a/ext/dom/document.c b/ext/dom/document.c index aaa5d58d90..6e92d10633 100644 --- a/ext/dom/document.c +++ b/ext/dom/document.c @@ -700,7 +700,7 @@ PHP_FUNCTION(dom_document_get_elements_by_tag_name) ctxp = xmlXPathNewContext(docp); ctxp->node = NULL; - str = (char*) emalloc((name_len+3) * sizeof(char)) ; + str = (char*) safe_emalloc((name_len+3), sizeof(char), 0) ; sprintf(str ,"//%s",name); xpathobjp = xmlXPathEval(str, ctxp); diff --git a/ext/dom/element.c b/ext/dom/element.c index f2ba0b650d..4f4ba9d641 100644 --- a/ext/dom/element.c +++ b/ext/dom/element.c @@ -407,7 +407,7 @@ PHP_FUNCTION(dom_element_get_elements_by_tag_name) ctxp = xmlXPathNewContext(docp); ctxp->node = nodep; - str = (char*) emalloc((name_len+13) * sizeof(char)) ; + str = (char*) safe_emalloc((name_len+13), sizeof(char), 0) ; sprintf(str ,"descendant::%s",name); xpathobjp = xmlXPathEval(str, ctxp); diff --git a/ext/fbsql/php_fbsql.c b/ext/fbsql/php_fbsql.c index e751e85f21..75dddca485 100644 --- a/ext/fbsql/php_fbsql.c +++ b/ext/fbsql/php_fbsql.c @@ -2349,7 +2349,7 @@ void phpfbColumnAsString(PHPFBResult* result, int column, void* data , int* leng *length = l*2+3+1; if (value) { - char* r = emalloc(l*2+3+1); + char* r = safe_emalloc(l, 2, 4); r[0] = 'X'; r[1] = '\''; for (i = 0; i < nBits / 8; i++) @@ -2371,7 +2371,7 @@ void phpfbColumnAsString(PHPFBResult* result, int column, void* data , int* leng *length = l*2+3+1; if (value) { - char* r = emalloc(l*2+3+1); + char* r = safe_emalloc(l, 2, 1); r[0] = 'B'; r[1] = '\''; for (i = 0; i < nBits; i++) diff --git a/ext/ftp/ftp.c b/ext/ftp/ftp.c index 32257a1e73..caeebb421f 100644 --- a/ext/ftp/ftp.c +++ b/ext/ftp/ftp.c @@ -1635,7 +1635,7 @@ ftp_genlist(ftpbuf_t *ftp, const char *cmd, const char *path TSRMLS_DC) rewind(tmpfp); - ret = emalloc((lines + 1) * sizeof(char**) + size * sizeof(char*)); + ret = safe_emalloc((lines + 1), sizeof(char**), size * sizeof(char*)); entry = ret; text = (char*) (ret + lines + 1); diff --git a/ext/gd/gd.c b/ext/gd/gd.c index 51b0d03044..8b8d8aa974 100644 --- a/ext/gd/gd.c +++ b/ext/gd/gd.c @@ -762,7 +762,7 @@ PHP_FUNCTION(imagesetstyle) convert_to_array_ex(styles); /* copy the style values in the stylearr */ - stylearr = emalloc(sizeof(int) * zend_hash_num_elements(HASH_OF(*styles))); + stylearr = safe_emalloc(sizeof(int), zend_hash_num_elements(HASH_OF(*styles)), 0); zend_hash_internal_pointer_reset_ex(HASH_OF(*styles), &pos); @@ -2572,7 +2572,7 @@ static void php_imagepolygon(INTERNAL_FUNCTION_PARAMETERS, int filled) RETURN_FALSE; } - points = (gdPointPtr) emalloc(npoints * sizeof(gdPoint)); + points = (gdPointPtr) safe_emalloc(npoints, sizeof(gdPoint), 0); for (i = 0; i < npoints; i++) { if (zend_hash_index_find(Z_ARRVAL_PP(POINTS), (i * 2), (void **) &var) == SUCCESS) { diff --git a/ext/gd/libgd/gd.c b/ext/gd/libgd/gd.c index fcfd249f60..4598081f40 100644 --- a/ext/gd/libgd/gd.c +++ b/ext/gd/libgd/gd.c @@ -1873,7 +1873,7 @@ void gdImageFill(gdImagePtr im, int x, int y, int nc) oc = gdImageGetPixel(im, x, y); if (oc==nc || x<0 || x>wx2 || y<0 || y>wy2) return; - stack = (struct seg *)emalloc(sizeof(struct seg) * ((int)(im->sy*im->sx)/4)+1); + stack = (struct seg *)safe_emalloc(sizeof(struct seg), ((int)(im->sy*im->sx)/4), 1); sp = stack; /* required! */ @@ -1938,7 +1938,7 @@ void _gdImageFillTiled(gdImagePtr im, int x, int y, int nc) pts[i] = (int *) ecalloc(im->sx, sizeof(int)); } - stack = (struct seg *)emalloc(sizeof(struct seg) * ((int)(im->sy*im->sx)/4)+1); + stack = (struct seg *)safe_emalloc(sizeof(struct seg), ((int)(im->sy*im->sx)/4), 1); sp = stack; oc = gdImageGetPixel(im, x, y); diff --git a/ext/imap/php_imap.c b/ext/imap/php_imap.c index 5fff1e4065..c5dc15b6d1 100644 --- a/ext/imap/php_imap.c +++ b/ext/imap/php_imap.c @@ -1345,7 +1345,7 @@ PHP_FUNCTION(imap_list_full) } array_init(return_value); - delim = emalloc(2 * sizeof(char)); + delim = safe_emalloc(2, sizeof(char), 0); cur=IMAPG(imap_folder_objects); while (cur != NIL) { MAKE_STD_ZVAL(mboxob); @@ -1654,7 +1654,7 @@ PHP_FUNCTION(imap_lsub_full) convert_to_string_ex(ref); convert_to_string_ex(pat); - delim = emalloc(2 * sizeof(char)); + delim = safe_emalloc(2, sizeof(char), 0); /* set flag for new, improved array of objects list */ IMAPG(folderlist_style) = FLIST_OBJECT; @@ -3551,7 +3551,7 @@ PHP_FUNCTION(imap_mime_header_decode) string = Z_STRVAL_PP(str); end = Z_STRLEN_PP(str); - charset = (char *) emalloc((end + 1) * 2); + charset = (char *) safe_emalloc((end + 1), 2, 0); text = &charset[end + 1]; while (offset < end) { /* Reached end of the string? */ if ((charset_token = (long)php_memnstr(&string[offset], "=?", 2, string + end))) { /* Is there anything encoded in the string? */ diff --git a/ext/ingres_ii/ii.c b/ext/ingres_ii/ii.c index 01112cbf27..973933afe0 100644 --- a/ext/ingres_ii/ii.c +++ b/ext/ingres_ii/ii.c @@ -1167,7 +1167,7 @@ static void php_ii_fetch(INTERNAL_FUNCTION_PARAMETERS, II_LINK *ii_link, int res } /* allocate memory for j fields */ - columnData = (IIAPI_DATAVALUE *) emalloc(j * sizeof(IIAPI_DATAVALUE)); + columnData = (IIAPI_DATAVALUE *) safe_emalloc(j, sizeof(IIAPI_DATAVALUE), 0); for (k = 1; k <= j; k++) { columnData[k - 1].dv_value = (II_PTR) emalloc((ii_link->descriptor[i + k - 2]).ds_length); } diff --git a/ext/interbase/interbase.c b/ext/interbase/interbase.c index d0531ae1e0..c04045d6c0 100644 --- a/ext/interbase/interbase.c +++ b/ext/interbase/interbase.c @@ -799,7 +799,7 @@ static void _php_ibase_connect(INTERNAL_FUNCTION_PARAMETERS, int persistent) WRONG_PARAM_COUNT; } - args = (zval ***) emalloc(sizeof(zval **) * ZEND_NUM_ARGS()); + args = (zval ***) safe_emalloc(sizeof(zval **), ZEND_NUM_ARGS()); if (zend_get_parameters_array_ex(ZEND_NUM_ARGS(), args) == FAILURE) { efree(args); RETURN_FALSE; @@ -1084,7 +1084,7 @@ static int _php_ibase_alloc_array(ibase_array **ib_arrayp, int *array_cntp, XSQL if (ar_cnt) { /* have arrays ? */ *array_cntp = ar_cnt; - IB_ARRAY = emalloc(sizeof(ibase_array)*ar_cnt); + IB_ARRAY = safe_emalloc(sizeof(ibase_array), ar_cnt, 0); ar_cnt = 0; var = sqlda->sqlvar; for (i = 0; i < sqlda->sqld; i++, var++) { @@ -1471,10 +1471,10 @@ static void _php_ibase_alloc_xsqlda(XSQLDA *sqlda) for (i = 0; i < sqlda->sqld; i++, var++) { switch (var->sqltype & ~1) { case SQL_TEXT: - var->sqldata = emalloc(sizeof(char) * (var->sqllen)); + var->sqldata = safe_emalloc(sizeof(char), (var->sqllen), 0); break; case SQL_VARYING: - var->sqldata = emalloc(sizeof(char) * (var->sqllen + sizeof(short))); + var->sqldata = safe_emalloc(sizeof(char), (var->sqllen + sizeof(short)), 0); break; case SQL_SHORT: var->sqldata = emalloc(sizeof(short)); @@ -1549,7 +1549,7 @@ static int _php_ibase_exec(ibase_result **ib_resultp, ibase_query *ib_query, int _php_ibase_alloc_xsqlda(out_sqlda); if (ib_query->out_array) { - IB_RESULT->out_array = emalloc(sizeof(ibase_array) * ib_query->out_array_cnt); + IB_RESULT->out_array = safe_emalloc(sizeof(ibase_array), ib_query->out_array_cnt, 0); memcpy(IB_RESULT->out_array, ib_query->out_array, sizeof(ibase_array) * ib_query->out_array_cnt); } else { IB_RESULT->out_array = NULL; @@ -1564,7 +1564,7 @@ static int _php_ibase_exec(ibase_result **ib_resultp, ibase_query *ib_query, int } in_sqlda = emalloc(XSQLDA_LENGTH(ib_query->in_sqlda->sqld)); memcpy(in_sqlda, ib_query->in_sqlda, XSQLDA_LENGTH(ib_query->in_sqlda->sqld)); - bind_buf = emalloc(sizeof(BIND_BUF) * ib_query->in_sqlda->sqld); + bind_buf = safe_emalloc(sizeof(BIND_BUF), ib_query->in_sqlda->sqld, 0); if (_php_ibase_bind(in_sqlda, args, bind_buf, ib_query TSRMLS_CC) == FAILURE) { IBDEBUG("Could not bind input XSQLDA"); goto _php_ibase_exec_error; @@ -1720,7 +1720,7 @@ PHP_FUNCTION(ibase_trans) } /* register the transaction in our own data structures */ - ib_trans = (ibase_trans *) emalloc(sizeof(ibase_trans) + (link_cnt-1)*sizeof(ibase_db_link *)); + ib_trans = (ibase_trans *) safe_emalloc((link_cnt-1), sizeof(ibase_db_link *), sizeof(ibase_trans)); ib_trans->handle = tr_handle; ib_trans->link_cnt = link_cnt; ib_trans->affected_rows = 0; @@ -2261,7 +2261,7 @@ static int _php_ibase_var_zval(zval *val, void *data, int type, int len, int sca data = ((IBASE_VCHAR *) data)->var_str; /* fallout */ case SQL_TEXT: - Z_STRVAL_P(val) = (char *) emalloc(sizeof(char) * (len + 1)); + Z_STRVAL_P(val) = (char *) safe_emalloc(sizeof(char), (len + 1), 0); memcpy(Z_STRVAL_P(val), data, len); Z_STRVAL_P(val)[len] = '\0'; if (PG(magic_quotes_runtime)) { @@ -2894,7 +2894,7 @@ PHP_FUNCTION(ibase_timefmt) WRONG_PARAM_COUNT; } - args = (zval ***) emalloc(sizeof(zval **) * ZEND_NUM_ARGS()); + args = (zval ***) safe_emalloc(sizeof(zval **), ZEND_NUM_ARGS(), 0); if (zend_get_parameters_array_ex(ZEND_NUM_ARGS(), args) == FAILURE) { efree(args); RETURN_FALSE; diff --git a/ext/msession/msession.c b/ext/msession/msession.c index 8798463e74..02405feb78 100644 --- a/ext/msession/msession.c +++ b/ext/msession/msession.c @@ -918,7 +918,7 @@ PHP_FUNCTION(msession_set_array) countpair = zend_hash_num_elements(htTuples); - pairs = (char **)emalloc(sizeof(char *) * countpair * 2); + pairs = (char **)safe_emalloc(sizeof(char *), countpair * 2, 0); ELOG("have pairs"); diff --git a/ext/mssql/php_mssql.c b/ext/mssql/php_mssql.c index 04cd33c586..ec4fd43897 100644 --- a/ext/mssql/php_mssql.c +++ b/ext/mssql/php_mssql.c @@ -989,7 +989,7 @@ static int _mssql_fetch_batch(mssql_link *mssql_ptr, mssql_result *result, int r int *column_types; char computed_buf[16]; - column_types = (int *) emalloc(sizeof(int) * result->num_fields); + column_types = (int *) safe_emalloc(sizeof(int), result->num_fields, 0); for (i=0; inum_fields; i++) { char *fname = (char *)dbcolname(mssql_ptr->link,i+1); @@ -1036,14 +1036,14 @@ static int _mssql_fetch_batch(mssql_link *mssql_ptr, mssql_result *result, int r i=0; if (!result->data) { - result->data = (zval **) emalloc(sizeof(zval *)*MSSQL_ROWS_BLOCK*(++result->blocks_initialized)); + result->data = (zval **) safe_emalloc(sizeof(zval *), MSSQL_ROWS_BLOCK*(++result->blocks_initialized), 0); } while (retvalue!=FAIL && retvalue!=NO_MORE_ROWS) { result->num_rows++; if (result->num_rows > result->blocks_initialized*MSSQL_ROWS_BLOCK) { result->data = (zval **) erealloc(result->data,sizeof(zval *)*MSSQL_ROWS_BLOCK*(++result->blocks_initialized)); } - result->data[i] = (zval *) emalloc(sizeof(zval)*result->num_fields); + result->data[i] = (zval *) safe_emalloc(sizeof(zval), result->num_fields, 0); for (j=0; jnum_fields; j++) { INIT_ZVAL(result->data[i][j]); MS_SQL_G(get_column_content(mssql_ptr, j+1, &result->data[i][j], column_types[j] TSRMLS_CC)); @@ -1163,7 +1163,7 @@ PHP_FUNCTION(mssql_query) result->cur_field=result->cur_row=result->num_rows=0; if (num_fields > 0) { - result->fields = (mssql_field *) emalloc(sizeof(mssql_field)*result->num_fields); + result->fields = (mssql_field *) safe_emalloc(sizeof(mssql_field), result->num_fields, 0); result->num_rows = _mssql_fetch_batch(mssql_ptr, result, retvalue TSRMLS_CC); } else @@ -1794,7 +1794,7 @@ PHP_FUNCTION(mssql_next_result) retvalue = dbnextrow(mssql_ptr->link); result->num_fields = dbnumcols(mssql_ptr->link); - result->fields = (mssql_field *) emalloc(sizeof(mssql_field)*result->num_fields); + result->fields = (mssql_field *) safe_emalloc(sizeof(mssql_field), result->num_fields, 0); result->num_rows = _mssql_fetch_batch(mssql_ptr, result, retvalue TSRMLS_CC); RETURN_TRUE; } @@ -2101,12 +2101,12 @@ PHP_FUNCTION(mssql_execute) result = (mssql_result *) emalloc(sizeof(mssql_result)); result->batchsize = batchsize; result->blocks_initialized = 1; - result->data = (zval **) emalloc(sizeof(zval *)*MSSQL_ROWS_BLOCK); + result->data = (zval **) safe_emalloc(sizeof(zval *), MSSQL_ROWS_BLOCK); result->mssql_ptr = mssql_ptr; result->cur_field=result->cur_row=result->num_rows=0; result->num_fields = num_fields; - result->fields = (mssql_field *) emalloc(sizeof(mssql_field)*num_fields); + result->fields = (mssql_field *) safe_emalloc(sizeof(mssql_field), num_fields); result->num_rows = _mssql_fetch_batch(mssql_ptr, result, retvalue TSRMLS_CC); result->statement = statement; } diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c index 03a9366444..f812d09137 100644 --- a/ext/mysql/php_mysql.c +++ b/ext/mysql/php_mysql.c @@ -1668,7 +1668,7 @@ PHP_FUNCTION(mysql_escape_string) * be worth it */ - Z_STRVAL_P(return_value) = (char *) emalloc(Z_STRLEN_PP(str)*2+1); + Z_STRVAL_P(return_value) = (char *) safe_emalloc(Z_STRLEN_PP(str), 2, 1); Z_STRLEN_P(return_value) = mysql_escape_string(Z_STRVAL_P(return_value), Z_STRVAL_PP(str), Z_STRLEN_PP(str)); Z_TYPE_P(return_value) = IS_STRING; @@ -1701,7 +1701,7 @@ PHP_FUNCTION(mysql_real_escape_string) ZEND_FETCH_RESOURCE2(mysql, php_mysql_conn *, &mysql_link, id, "MySQL-Link", le_link, le_plink); - new_str = emalloc(str_len * 2 + 1); + new_str = safe_emalloc(str_len, 2, 1); new_str_len = mysql_real_escape_string(&mysql->conn, new_str, str, str_len); new_str = erealloc(new_str, new_str_len + 1); diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c index 97a4a29ea3..d5ea379988 100644 --- a/ext/mysqli/mysqli_api.c +++ b/ext/mysqli/mysqli_api.c @@ -127,7 +127,7 @@ PHP_FUNCTION(mysqli_bind_param) php_free_stmt_bind_buffer(stmt->param, FETCH_SIMPLE); } - args = (zval ***)emalloc(argc * sizeof(zval **)); + args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); if (zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); @@ -194,7 +194,7 @@ PHP_FUNCTION(mysqli_bind_param) } stmt->param.var_cnt = num_vars; - stmt->param.vars = (zval **)emalloc(num_vars * sizeof(zval)); + stmt->param.vars = (zval **)safe_emalloc(num_vars, sizeof(zval), 0); for (i = 0; i < num_vars; i++) { if (bind[i].buffer_type != MYSQLI_BIND_SEND_DATA) { ZVAL_ADDREF(*args[i+start]); @@ -237,7 +237,7 @@ PHP_FUNCTION(mysqli_bind_result) WRONG_PARAM_COUNT; } - args = (zval ***)emalloc(argc * sizeof(zval **)); + args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); if (zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); @@ -338,7 +338,7 @@ PHP_FUNCTION(mysqli_bind_result) } stmt->result.var_cnt = var_cnt; - stmt->result.vars = (zval **)emalloc((var_cnt) * sizeof(zval)); + stmt->result.vars = (zval **)safe_emalloc((var_cnt), sizeof(zval), 0); for (i = start; i < var_cnt+start; i++) { ofs = i-start; ZVAL_ADDREF(*args[i]); @@ -1464,7 +1464,7 @@ PHP_FUNCTION(mysqli_real_escape_string) { } MYSQLI_FETCH_RESOURCE(mysql, MYSQL *, prmysql, PR_MYSQL *, &mysql_link, "mysqli_link"); - newstr = emalloc(2 * escapestr_len + 1); + newstr = safe_emalloc(2, escapestr_len, 1); newstr_len = mysql_real_escape_string(mysql, newstr, escapestr, escapestr_len); newstr = erealloc(newstr, newstr_len + 1); diff --git a/ext/mysqli/mysqli_profiler.c b/ext/mysqli/mysqli_profiler.c index cf4b429e7f..45b3f19c68 100644 --- a/ext/mysqli/mysqli_profiler.c +++ b/ext/mysqli/mysqli_profiler.c @@ -104,8 +104,8 @@ int php_mysqli_profiler_explain(PR_EXPLAIN *explain, PR_HEADER *header, MYSQL *m explain->columns = mysql_num_fields(res); - explain->row = (PR_ROW *)emalloc(sizeof(PR_ROW) * explain->exp_cnt); - explain->fields = (char **)emalloc(sizeof(char *) * explain->columns); + explain->row = (PR_ROW *)safe_emalloc(sizeof(PR_ROW), explain->exp_cnt, 0); + explain->fields = (char **)safe_emalloc(sizeof(char *), explain->columns, 0); fields = mysql_fetch_fields(res); @@ -114,7 +114,7 @@ int php_mysqli_profiler_explain(PR_EXPLAIN *explain, PR_HEADER *header, MYSQL *m } for (i=0; i < explain->exp_cnt; i++) { - explain->row[i].value = (char **)emalloc(sizeof(char *) * explain->columns); + explain->row[i].value = (char **)safe_emalloc(sizeof(char *), explain->columns, 0); row = mysql_fetch_row(res); for (j=0; j < explain->columns; j++) { explain->row[i].value[j] = my_estrdup(row[j]); diff --git a/ext/oci8/oci8.c b/ext/oci8/oci8.c index 8fd34a43f2..3c759d1aab 100644 --- a/ext/oci8/oci8.c +++ b/ext/oci8/oci8.c @@ -4139,7 +4139,7 @@ PHP_FUNCTION(ocifetchstatement) } if (flags & OCI_FETCHSTATEMENT_BY_ROW) { - columns = emalloc(statement->ncolumns * sizeof(oci_out_column *)); + columns = safe_emalloc(statement->ncolumns, sizeof(oci_out_column *), 0); for (i = 0; i < statement->ncolumns; i++) { columns[ i ] = oci_get_col(statement, i + 1, 0); @@ -4177,8 +4177,8 @@ PHP_FUNCTION(ocifetchstatement) efree(columns); } else { /* default to BY_COLUMN */ - columns = emalloc(statement->ncolumns * sizeof(oci_out_column *)); - outarrs = emalloc(statement->ncolumns * sizeof(zval*)); + columns = safe_emalloc(statement->ncolumns, sizeof(oci_out_column *), 0); + outarrs = safe_emalloc(statement->ncolumns, sizeof(zval*), 0); if (flags & OCI_NUM) { for (i = 0; i < statement->ncolumns; i++) { diff --git a/ext/odbc/php_odbc.c b/ext/odbc/php_odbc.c index f82e38a2d4..2aeebdf32c 100644 --- a/ext/odbc/php_odbc.c +++ b/ext/odbc/php_odbc.c @@ -634,7 +634,7 @@ int odbc_bindcols(odbc_result *result TSRMLS_DC) SWORD colnamelen; /* Not used */ SDWORD displaysize; - result->values = (odbc_result_value *) emalloc(sizeof(odbc_result_value)*result->numcols); + result->values = (odbc_result_value *) safe_emalloc(sizeof(odbc_result_value), result->numcols, 0); result->longreadlen = ODBCG(defaultlrl); result->binmode = ODBCG(defaultbinmode); @@ -969,7 +969,7 @@ PHP_FUNCTION(odbc_execute) } zend_hash_internal_pointer_reset(Z_ARRVAL_PP(pv_param_arr)); - params = (params_t *)emalloc(sizeof(params_t) * result->numparams); + params = (params_t *)safe_emalloc(sizeof(params_t), result->numparams, 0); for(i = 1; i <= result->numparams; i++) { if (zend_hash_get_current_data(Z_ARRVAL_PP(pv_param_arr), (void **) &tmp) == FAILURE) { diff --git a/ext/oracle/oracle.c b/ext/oracle/oracle.c index 002c5109bb..431e72162c 100644 --- a/ext/oracle/oracle.c +++ b/ext/oracle/oracle.c @@ -1650,7 +1650,7 @@ ora_describe_define(oraCursor * cursor) } if (cursor->ncols > 0){ - cursor->columns = (oraColumn *) emalloc(sizeof(oraColumn) * cursor->ncols); + cursor->columns = (oraColumn *) safe_emalloc(sizeof(oraColumn), cursor->ncols, 0); memset(cursor->columns,0,sizeof(oraColumn) * cursor->ncols); } diff --git a/ext/ovrimos/ovrimos.c b/ext/ovrimos/ovrimos.c index 0dd35ecd12..e18bd38e1f 100644 --- a/ext/ovrimos/ovrimos.c +++ b/ext/ovrimos/ovrimos.c @@ -212,7 +212,7 @@ PCON_STATE state = statement->con_state; return 1; } - new_statements = emalloc( (state->nstatements-1) * sizeof(STATEMENT)); + new_statements = safe_emalloc( (state->nstatements-1), sizeof(STATEMENT), 0); for (i=j=0;instatements;i++) { if (state->statements->statement != stmt) { diff --git a/ext/pfpro/pfpro.c b/ext/pfpro/pfpro.c index d8411f82be..b4e082da8d 100644 --- a/ext/pfpro/pfpro.c +++ b/ext/pfpro/pfpro.c @@ -208,7 +208,7 @@ PHP_FUNCTION(pfpro_process_raw) WRONG_PARAM_COUNT; } - args = (zval ***) emalloc(sizeof(zval **) * ZEND_NUM_ARGS()); + args = (zval ***) safe_emalloc(sizeof(zval **), ZEND_NUM_ARGS(), 0); if (zend_get_parameters_array_ex(ZEND_NUM_ARGS(), args) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to read parameters in pfpro_process_raw()"); @@ -325,7 +325,7 @@ PHP_FUNCTION(pfpro_process) WRONG_PARAM_COUNT; } - args = (zval ***) emalloc(sizeof(zval **) * ZEND_NUM_ARGS()); + args = (zval ***) safe_emalloc(sizeof(zval **), ZEND_NUM_ARGS(), 0); if (zend_get_parameters_array_ex(ZEND_NUM_ARGS(), args) == FAILURE) { php_error_docref(NULL TSRMLS_CC, E_ERROR, "Unable to read parameters in pfpro_process()"); diff --git a/ext/session/session.c b/ext/session/session.c index 55862e60d6..74fc27f2e8 100644 --- a/ext/session/session.c +++ b/ext/session/session.c @@ -1468,7 +1468,7 @@ PHP_FUNCTION(session_register) if (argc <= 0) RETURN_FALSE else - args = (zval ***)emalloc(argc * sizeof(zval **)); + args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); if (zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c index 7697c60c28..237a66a824 100644 --- a/ext/sockets/sockets.c +++ b/ext/sockets/sockets.c @@ -1267,7 +1267,7 @@ PHP_FUNCTION(socket_iovec_alloc) struct iovec *vector_array; int i, j, num_vectors, argc = ZEND_NUM_ARGS(); - args = emalloc(argc*sizeof(zval**)); + args = safe_emalloc(argc, sizeof(zval**), 0); if (argc < 1 || zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); @@ -1277,7 +1277,7 @@ PHP_FUNCTION(socket_iovec_alloc) convert_to_long_ex(args[0]); num_vectors = Z_LVAL_PP(args[0]); - vector_array = emalloc(sizeof(struct iovec)*(num_vectors+1)); + vector_array = safe_emalloc(sizeof(struct iovec), (num_vectors+1), 0); for (i = 0, j = 1; i < num_vectors; i++, j++) { convert_to_long_ex(args[j]); @@ -1363,7 +1363,7 @@ PHP_FUNCTION(socket_iovec_add) ZEND_FETCH_RESOURCE(vector, php_iovec_t *, &iovec_id, -1, le_iov_name, le_iov); - vector_array = (struct iovec*)emalloc(sizeof(struct iovec) * (vector->count + 2)); + vector_array = (struct iovec*)safe_emalloc(sizeof(struct iovec), (vector->count + 2), 0); memcpy(vector_array, vector->iov_array, sizeof(struct iovec) * vector->count); vector_array[vector->count].iov_base = (char*)emalloc(iov_len); @@ -1397,7 +1397,7 @@ PHP_FUNCTION(socket_iovec_delete) RETURN_FALSE; } - vector_array = emalloc(vector->count * sizeof(struct iovec)); + vector_array = safe_emalloc(vector->count, sizeof(struct iovec), 0); for (i = 0; i < vector->count; i++) { if (i < iov_pos) { diff --git a/ext/sybase/php_sybase_db.c b/ext/sybase/php_sybase_db.c index 71e8a1f19c..b2eed1c88d 100644 --- a/ext/sybase/php_sybase_db.c +++ b/ext/sybase/php_sybase_db.c @@ -827,13 +827,13 @@ PHP_FUNCTION(sybase_query) RETURN_TRUE; } - column_types = (int *) emalloc(sizeof(int) * num_fields); + column_types = (int *) safe_emalloc(sizeof(int), num_fields, 0); for (i=0; idata = (pval ***) emalloc(sizeof(pval **)*SYBASE_ROWS_BLOCK); + result->data = (pval ***) safe_emalloc(sizeof(pval **), SYBASE_ROWS_BLOCK, 0); result->sybase_ptr = sybase_ptr; result->cur_field=result->cur_row=result->num_rows=0; result->num_fields = num_fields; @@ -844,7 +844,7 @@ PHP_FUNCTION(sybase_query) if (result->num_rows > blocks_initialized*SYBASE_ROWS_BLOCK) { result->data = (pval ***) erealloc(result->data,sizeof(pval **)*SYBASE_ROWS_BLOCK*(++blocks_initialized)); } - result->data[i] = (pval **) emalloc(sizeof(pval *)*num_fields); + result->data[i] = (pval **) safe_emalloc(sizeof(pval *), num_fields, 0); for (j=1; j<=num_fields; j++) { php_sybase_get_column_content(sybase_ptr, j, &result->data[i][j-1], column_types[j-1]); if (!php_sybase_module.compatability_mode) { @@ -862,7 +862,7 @@ PHP_FUNCTION(sybase_query) } result->num_rows = DBCOUNT(sybase_ptr->link); - result->fields = (sybase_field *) emalloc(sizeof(sybase_field)*num_fields); + result->fields = (sybase_field *) safe_emalloc(sizeof(sybase_field), num_fields, 0); j=0; for (i=0; ilink,i+1); diff --git a/ext/sybase_ct/php_sybase_ct.c b/ext/sybase_ct/php_sybase_ct.c index f93a9a0854..6e9b170186 100644 --- a/ext/sybase_ct/php_sybase_ct.c +++ b/ext/sybase_ct/php_sybase_ct.c @@ -1042,7 +1042,7 @@ static int php_sybase_fetch_result_row (sybase_result *result, int numrows) result->data = (zval **) erealloc(result->data, sizeof(zval *)*SYBASE_ROWS_BLOCK*(++result->blocks_initialized)); } if (result->store || 1 == result->num_rows) { - result->data[i] = (zval *) emalloc(sizeof(zval)*result->num_fields); + result->data[i] = (zval *) safe_emalloc(sizeof(zval), result->num_fields, 0); } for (j=0; jnum_fields; j++) { @@ -1103,7 +1103,7 @@ static sybase_result * php_sybase_fetch_result_set (sybase_link *sybase_ptr, int } result = (sybase_result *) emalloc(sizeof(sybase_result)); - result->data = (zval **) emalloc(sizeof(zval *)*SYBASE_ROWS_BLOCK); + result->data = (zval **) safe_emalloc(sizeof(zval *), SYBASE_ROWS_BLOCK, 0); result->fields = NULL; result->sybase_ptr = sybase_ptr; result->cur_field=result->cur_row=result->num_rows=0; @@ -1111,12 +1111,12 @@ static sybase_result * php_sybase_fetch_result_set (sybase_link *sybase_ptr, int result->last_retcode = 0; result->store= store; result->blocks_initialized= 1; - result->tmp_buffer = (char **) emalloc(sizeof(char *)*num_fields); - result->lengths = (CS_INT *) emalloc(sizeof(CS_INT)*num_fields); - result->indicators = (CS_SMALLINT *) emalloc(sizeof(CS_INT)*num_fields); - result->datafmt = (CS_DATAFMT *) emalloc(sizeof(CS_DATAFMT)*num_fields); - result->numerics = (unsigned char *) emalloc(sizeof(unsigned char)*num_fields); - result->types = (CS_INT *) emalloc(sizeof(CS_INT)*num_fields); + result->tmp_buffer = (char **) safe_emalloc(sizeof(char *), num_fields, 0); + result->lengths = (CS_INT *) safe_emalloc(sizeof(CS_INT), num_fields, 0); + result->indicators = (CS_SMALLINT *) safe_emalloc(sizeof(CS_INT), num_fields, 0); + result->datafmt = (CS_DATAFMT *) safe_emalloc(sizeof(CS_DATAFMT), num_fields, 0); + result->numerics = (unsigned char *) safe_emalloc(sizeof(unsigned char), num_fields, 0); + result->types = (CS_INT *) safe_emalloc(sizeof(CS_INT), num_fields, 0); for (i=0; icmd, i+1, &result->datafmt[i]); @@ -1180,7 +1180,7 @@ static sybase_result * php_sybase_fetch_result_set (sybase_link *sybase_ptr, int ct_bind(sybase_ptr->cmd, i+1, &result->datafmt[i], result->tmp_buffer[i], &result->lengths[i], &result->indicators[i]); } - result->fields = (sybase_field *) emalloc(sizeof(sybase_field)*num_fields); + result->fields = (sybase_field *) safe_emalloc(sizeof(sybase_field), num_fields, 0); j=0; for (i=0; itype = th; - ti->values = emalloc(sizeof(zval *) * th->member_count); + ti->values = safe_emalloc(sizeof(zval *), th->member_count, 0); memset(ti->values, '\0', sizeof(zval *) * th->member_count); MAKE_STD_ZVAL(rsrc_handle); @@ -1666,7 +1666,7 @@ W32API_CLASS_FUNCTION(win32, invokefunction) WRONG_PARAM_COUNT } - params = (w32api_dynamic_param *)emalloc(sizeof(w32api_dynamic_param) * argc); + params = (w32api_dynamic_param *)safe_emalloc(sizeof(w32api_dynamic_param), argc, 0); curr_arg = (*fh)->argument_list; current_dynamic_param = params; diff --git a/ext/wddx/wddx.c b/ext/wddx/wddx.c index 959b66ad88..a5a16e7342 100644 --- a/ext/wddx/wddx.c +++ b/ext/wddx/wddx.c @@ -140,7 +140,7 @@ zend_module_entry wddx_module_entry = { static int wddx_stack_init(wddx_stack *stack) { stack->top = 0; - stack->elements = (void **) emalloc(sizeof(void **) * STACK_BLOCK_SIZE); + stack->elements = (void **) safe_emalloc(sizeof(void **), STACK_BLOCK_SIZE, 0); stack->max = STACK_BLOCK_SIZE; stack->varname = NULL; stack->done = 0; @@ -1158,7 +1158,7 @@ PHP_FUNCTION(wddx_serialize_vars) } /* Allocate arguments array and get the arguments, checking for errors. */ - args = (zval ***)emalloc(argc * sizeof(zval **)); + args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); if (zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); WRONG_PARAM_COUNT; @@ -1267,7 +1267,7 @@ PHP_FUNCTION(wddx_add_vars) } /* Allocate arguments array and get the arguments, checking for errors. */ - args = (zval ***)emalloc(argc * sizeof(zval **)); + args = (zval ***)safe_emalloc(argc, sizeof(zval **), 0); if (zend_get_parameters_array_ex(argc, args) == FAILURE) { efree(args); WRONG_PARAM_COUNT; diff --git a/ext/xml/xml.c b/ext/xml/xml.c index ef6f762ea4..210d25648d 100644 --- a/ext/xml/xml.c +++ b/ext/xml/xml.c @@ -408,7 +408,7 @@ static zval *xml_call_handler(xml_parser *parser, zval *handler, zend_function * int result; zend_fcall_info fci; - args = emalloc(sizeof(zval **) * argc); + args = safe_emalloc(sizeof(zval **), argc, 0); for (i = 0; i < argc; i++) { args[i] = &argv[i]; } @@ -525,7 +525,7 @@ static XML_Char *xml_utf8_encode(const char *s, int len, int *newlen, const XML_ } /* This is the theoretical max (will never get beyond len * 2 as long * as we are converting from single-byte characters, though) */ - newbuf = emalloc(len * 4 + 1); + newbuf = safe_emalloc(len, 4, 1); while (pos > 0) { c = encoder ? encoder((unsigned char)(*s)) : (unsigned short)(*s); if (c < 0x80) { @@ -1368,7 +1368,7 @@ PHP_FUNCTION(xml_parse_into_struct) if (info) parser->info = *info; parser->level = 0; - parser->ltags = emalloc(XML_MAXLEVEL * sizeof(char *)); + parser->ltags = safe_emalloc(XML_MAXLEVEL, sizeof(char *), 0); XML_SetDefaultHandler(parser->parser, _xml_defaultHandler); XML_SetElementHandler(parser->parser, _xml_startElementHandler, _xml_endElementHandler); diff --git a/ext/xsl/xsltprocessor.c b/ext/xsl/xsltprocessor.c index 4ae0bd41cf..dcdbc98852 100644 --- a/ext/xsl/xsltprocessor.c +++ b/ext/xsl/xsltprocessor.c @@ -62,10 +62,10 @@ static char *php_xsl_xslt_string_to_xpathexpr(const char *str TSRMLS_DC) php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot create XPath expression (string contains both quote and double-quotes)"); return NULL; } - value = (xmlChar*) emalloc (str_len * sizeof(xmlChar) ); + value = (xmlChar*) safe_emalloc (str_len, sizeof(xmlChar), 0); snprintf(value, str_len, "'%s'", string); } else { - value = (xmlChar*) emalloc (str_len * sizeof(xmlChar) ); + value = (xmlChar*) safe_emalloc (str_len, sizeof(xmlChar), 0); snprintf(value, str_len, "\"%s\"", string); } return (char *) value; diff --git a/main/network.c b/main/network.c index 211107bad3..93520d2672 100644 --- a/main/network.c +++ b/main/network.c @@ -240,7 +240,7 @@ static int php_network_getaddresses(const char *host, int socktype, struct socka in = *((struct in_addr *) host_info->h_addr); } - *sal = emalloc(2 * sizeof(*sal)); + *sal = safe_emalloc(2, sizeof(*sal), 0); sap = *sal; *sap = emalloc(sizeof(struct sockaddr_in)); (*sap)->sa_family = AF_INET; diff --git a/win32/select.c b/win32/select.c index f480fb9e6b..54840ac0f7 100644 --- a/win32/select.c +++ b/win32/select.c @@ -50,7 +50,7 @@ PHPAPI int php_select(php_socket_t max_fd, fd_set *rfds, fd_set *wfds, fd_set *e return 0; } - handles = (HANDLE*)emalloc((fd_count + sock_count) * sizeof(HANDLE)); + handles = (HANDLE*)safe_emalloc((fd_count + sock_count), sizeof(HANDLE), 0); /* populate the events and handles arrays */ f = 0; -- 2.40.0