Bump to m4 1.4.19

[platform/upstream/m4.git] / lib / xmalloca.h

diff --git a/lib/xmalloca.h b/lib/xmalloca.h
index 12f7e3d..dbc6486 100644 (file)
--- a/lib/xmalloca.h
+++ b/lib/xmalloca.h
@@ -1,5 +1,5 @@
 /* Safe automatic memory allocation with out of memory checking.
-   Copyright (C) 2003, 2005, 2007, 2009-2011 Free Software Foundation, Inc.
+   Copyright (C) 2003, 2005, 2007, 2009-2021 Free Software Foundation, Inc.
    Written by Bruno Haible <bruno@clisp.org>, 2003.
 
    This program is free software: you can redistribute it and/or modify
@@ -13,13 +13,14 @@
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
 
 #ifndef _XMALLOCA_H
 #define _XMALLOCA_H
 
 #include "malloca.h"
 #include "xalloc.h"
+#include "xalloc-oversized.h"
 
 
 #ifdef __cplusplus
@@ -29,11 +30,14 @@ extern "C" {
 
 /* xmalloca(N) is a checking safe variant of alloca(N).  It allocates N bytes
    of memory allocated on the stack, that must be freed using freea() before
-   the function returns.  Upon failure, it exits with an error message.  */
+   the function returns.  N should not have side effects.
+   Upon failure, it exits with an error message.  */
 #if HAVE_ALLOCA
 # define xmalloca(N) \
-  ((N) < 4032 - sa_increment                                        \
-   ? (void *) ((char *) alloca ((N) + sa_increment) + sa_increment) \
+  ((N) < 4032 - (2 * sa_alignment_max - 1)                                   \
+   ? (void *) (((uintptr_t) (char *) alloca ((N) + 2 * sa_alignment_max - 1) \
+                + (2 * sa_alignment_max - 1))                                \
+               & ~(uintptr_t)(2 * sa_alignment_max - 1))                     \
    : xmmalloca (N))
 extern void * xmmalloca (size_t n);
 #else
@@ -43,16 +47,17 @@ extern void * xmmalloca (size_t n);
 
 /* xnmalloca(N,S) is an overflow-safe variant of xmalloca (N * S).
    It allocates an array of N objects, each with S bytes of memory,
-   on the stack.  S must be positive and N must be nonnegative.
+   on the stack.  S must be positive and N must be nonnegative,
+   and S and N should not have side effects.
    The array must be freed using freea() before the function returns.
    Upon failure, it exits with an error message.  */
 #if HAVE_ALLOCA
 /* Rely on xmalloca (SIZE_MAX) calling xalloc_die ().  */
 # define xnmalloca(n, s) \
-    xmalloca (xalloc_oversized ((n), (s)) ? (size_t) (-1) : (n) * (s))
+    xmalloca (xalloc_oversized (n, s) ? (size_t) (-1) : (n) * (size_t) (s))
 #else
 # define xnmalloca(n, s) \
-    xnmalloc ((n), (s))
+    xnmalloc (n, s)
 #endif