/* Safe automatic memory allocation.
- Copyright (C) 2003-2007, 2009-2013 Free Software Foundation, Inc.
+ Copyright (C) 2003-2007, 2009-2021 Free Software Foundation, Inc.
Written by Bruno Haible <bruno@clisp.org>, 2003.
This program is free software; you can redistribute it and/or modify
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, see <http://www.gnu.org/licenses/>. */
+ along with this program; if not, see <https://www.gnu.org/licenses/>. */
#ifndef _MALLOCA_H
#define _MALLOCA_H
#include <alloca.h>
#include <stddef.h>
#include <stdlib.h>
+#include <stdint.h>
+
+#include "xalloc-oversized.h"
#ifdef __cplusplus
the function returns. Upon failure, it returns NULL. */
#if HAVE_ALLOCA
# define malloca(N) \
- ((N) < 4032 - sa_increment \
- ? (void *) ((char *) alloca ((N) + sa_increment) + sa_increment) \
+ ((N) < 4032 - (2 * sa_alignment_max - 1) \
+ ? (void *) (((uintptr_t) (char *) alloca ((N) + 2 * sa_alignment_max - 1) \
+ + (2 * sa_alignment_max - 1)) \
+ & ~(uintptr_t)(2 * sa_alignment_max - 1)) \
: mmalloca (N))
#else
# define malloca(N) \
/* nmalloca(N,S) is an overflow-safe variant of malloca (N * S).
It allocates an array of N objects, each with S bytes of memory,
- on the stack. S must be positive and N must be nonnegative.
+ on the stack. N and S should be nonnegative and free of side effects.
The array must be freed using freea() before the function returns. */
-#if 1
-/* Cf. the definition of xalloc_oversized. */
-# define nmalloca(n, s) \
- ((n) > (size_t) (sizeof (ptrdiff_t) <= sizeof (size_t) ? -1 : -2) / (s) \
- ? NULL \
- : malloca ((n) * (s)))
-#else
-extern void * nmalloca (size_t n, size_t s);
-#endif
+#define nmalloca(n, s) \
+ (xalloc_oversized (n, s) ? NULL : malloca ((n) * (size_t) (s)))
#ifdef __cplusplus
/* ------------------- Auxiliary, non-public definitions ------------------- */
/* Determine the alignment of a type at compile time. */
-#if defined __GNUC__ || defined __IBM__ALIGNOF__
+#if defined __GNUC__ || defined __clang__ || defined __IBM__ALIGNOF__
# define sa_alignof __alignof__
#elif defined __cplusplus
template <class type> struct sa_alignof_helper { char __slot1; type __slot2; };
among all elementary types. */
sa_alignment_long = sa_alignof (long),
sa_alignment_double = sa_alignof (double),
-#if HAVE_LONG_LONG_INT
sa_alignment_longlong = sa_alignof (long long),
-#endif
sa_alignment_longdouble = sa_alignof (long double),
sa_alignment_max = ((sa_alignment_long - 1) | (sa_alignment_double - 1)
-#if HAVE_LONG_LONG_INT
| (sa_alignment_longlong - 1)
-#endif
| (sa_alignment_longdouble - 1)
- ) + 1,
-/* The increment that guarantees room for a magic word must be >= sizeof (int)
- and a multiple of sa_alignment_max. */
- sa_increment = ((sizeof (int) + sa_alignment_max - 1) / sa_alignment_max) * sa_alignment_max
+ ) + 1
};
#endif /* _MALLOCA_H */
projects / platform / upstream / m4.git / blobdiff