Bug Summary

File:build-scan/../src/basic/utf8.c
Warning:line 356, column 12
Use of zero-allocated memory

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name utf8.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -menable-no-infs -menable-no-nans -menable-unsafe-fp-math -fno-signed-zeros -mreassociate -freciprocal-math -fdenormal-fp-math=preserve-sign,preserve-sign -ffp-contract=fast -fno-rounding-math -ffast-math -ffinite-math-only -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib64/clang/12.0.0 -include config.h -I src/basic/libbasic.a.p -I src/basic -I ../src/basic -I src/shared -I ../src/shared -I src/systemd -I ../src/systemd -I src/journal -I ../src/journal -I src/journal-remote -I ../src/journal-remote -I src/nspawn -I ../src/nspawn -I src/resolve -I ../src/resolve -I src/timesync -I ../src/timesync -I ../src/time-wait-sync -I src/login -I ../src/login -I src/udev -I ../src/udev -I src/libudev -I ../src/libudev -I src/core -I ../src/core -I ../src/libsystemd/sd-bus -I ../src/libsystemd/sd-device -I ../src/libsystemd/sd-hwdb -I ../src/libsystemd/sd-id128 -I ../src/libsystemd/sd-netlink -I ../src/libsystemd/sd-network -I src/libsystemd-network -I ../src/libsystemd-network -I . -I .. -I /usr/include/blkid -I /usr/include/libmount -D _FILE_OFFSET_BITS=64 -internal-isystem /usr/local/include -internal-isystem /usr/lib64/clang/12.0.0/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wwrite-strings -Wno-unused-parameter -Wno-missing-field-initializers -Wno-unused-result -Wno-format-signedness -Wno-error=nonnull -std=gnu99 -fconst-strings -fdebug-compilation-dir /home/mrc0mmand/repos/@redhat-plumbers/systemd-rhel8/build-scan -ferror-limit 19 -fvisibility default -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -analyzer-output=html -faddrsig -o /tmp/scan-build-2021-07-16-221226-1465241-1 -x c ../src/basic/utf8.c

../src/basic/utf8.c

1/* SPDX-License-Identifier: LGPL-2.1+ */
2
3/* Parts of this file are based on the GLIB utf8 validation functions. The
4 * original license text follows. */
5
6/* gutf8.c - Operations on UTF-8 strings.
7 *
8 * Copyright (C) 1999 Tom Tromey
9 * Copyright (C) 2000 Red Hat, Inc.
10 *
11 * This library is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU Library General Public
13 * License as published by the Free Software Foundation; either
14 * version 2 of the License, or (at your option) any later version.
15 *
16 * This library is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * Library General Public License for more details.
20 *
21 * You should have received a copy of the GNU Library General Public
22 * License along with this library; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
24 */
25
26#include <errno(*__errno_location ()).h>
27#include <stdbool.h>
28#include <stdlib.h>
29#include <string.h>
30
31#include "alloc-util.h"
32#include "gunicode.h"
33#include "hexdecoct.h"
34#include "macro.h"
35#include "utf8.h"
36
37bool_Bool unichar_is_valid(char32_t ch) {
38
39 if (ch >= 0x110000) /* End of unicode space */
40 return false0;
41 if ((ch & 0xFFFFF800) == 0xD800) /* Reserved area for UTF-16 */
42 return false0;
43 if ((ch >= 0xFDD0) && (ch <= 0xFDEF)) /* Reserved */
44 return false0;
45 if ((ch & 0xFFFE) == 0xFFFE) /* BOM (Byte Order Mark) */
46 return false0;
47
48 return true1;
49}
50
51static bool_Bool unichar_is_control(char32_t ch) {
52
53 /*
54 0 to ' '-1 is the C0 range.
55 DEL=0x7F, and DEL+1 to 0x9F is C1 range.
56 '\t' is in C0 range, but more or less harmless and commonly used.
57 */
58
59 return (ch < ' ' && !IN_SET(ch, '\t', '\n')({ _Bool _found = 0; static __attribute__ ((unused)) char _static_assert__macros_need_to_be_extended
[20 - sizeof((int[]){'\t', '\n'})/sizeof(int)]; switch(ch) { case
'\t': case '\n': _found = 1; break; default: break; } _found
; })) ||
60 (0x7F <= ch && ch <= 0x9F);
61}
62
63/* count of characters used to encode one unicode char */
64static int utf8_encoded_expected_len(const char *str) {
65 unsigned char c;
66
67 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 67, __PRETTY_FUNCTION__
); } while (0);
68
69 c = (unsigned char) str[0];
70 if (c < 0x80)
71 return 1;
72 if ((c & 0xe0) == 0xc0)
73 return 2;
74 if ((c & 0xf0) == 0xe0)
75 return 3;
76 if ((c & 0xf8) == 0xf0)
77 return 4;
78 if ((c & 0xfc) == 0xf8)
79 return 5;
80 if ((c & 0xfe) == 0xfc)
81 return 6;
82
83 return 0;
84}
85
86/* decode one unicode char */
87int utf8_encoded_to_unichar(const char *str, char32_t *ret_unichar) {
88 char32_t unichar;
89 int len, i;
90
91 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 91, __PRETTY_FUNCTION__
); } while (0);
92
93 len = utf8_encoded_expected_len(str);
94
95 switch (len) {
96 case 1:
97 *ret_unichar = (char32_t)str[0];
98 return 0;
99 case 2:
100 unichar = str[0] & 0x1f;
101 break;
102 case 3:
103 unichar = (char32_t)str[0] & 0x0f;
104 break;
105 case 4:
106 unichar = (char32_t)str[0] & 0x07;
107 break;
108 case 5:
109 unichar = (char32_t)str[0] & 0x03;
110 break;
111 case 6:
112 unichar = (char32_t)str[0] & 0x01;
113 break;
114 default:
115 return -EINVAL22;
116 }
117
118 for (i = 1; i < len; i++) {
119 if (((char32_t)str[i] & 0xc0) != 0x80)
120 return -EINVAL22;
121 unichar <<= 6;
122 unichar |= (char32_t)str[i] & 0x3f;
123 }
124
125 *ret_unichar = unichar;
126
127 return 0;
128}
129
130bool_Bool utf8_is_printable_newline(const char* str, size_t length, bool_Bool newline) {
131 const char *p;
132
133 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 133, __PRETTY_FUNCTION__
); } while (0);
134
135 for (p = str; length;) {
136 int encoded_len, r;
137 char32_t val;
138
139 encoded_len = utf8_encoded_valid_unichar(p);
140 if (encoded_len < 0 ||
141 (size_t) encoded_len > length)
142 return false0;
143
144 r = utf8_encoded_to_unichar(p, &val);
145 if (r < 0 ||
146 unichar_is_control(val) ||
147 (!newline && val == '\n'))
148 return false0;
149
150 length -= encoded_len;
151 p += encoded_len;
152 }
153
154 return true1;
155}
156
157const char *utf8_is_valid(const char *str) {
158 const uint8_t *p;
159
160 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 160, __PRETTY_FUNCTION__
); } while (0);
161
162 for (p = (const uint8_t*) str; *p; ) {
163 int len;
164
165 len = utf8_encoded_valid_unichar((const char *)p);
166 if (len < 0)
167 return NULL((void*)0);
168
169 p += len;
170 }
171
172 return str;
173}
174
175char *utf8_escape_invalid(const char *str) {
176 char *p, *s;
177
178 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 178, __PRETTY_FUNCTION__
); } while (0);
179
180 p = s = malloc(strlen(str) * 4 + 1);
181 if (!p)
182 return NULL((void*)0);
183
184 while (*str) {
185 int len;
186
187 len = utf8_encoded_valid_unichar(str);
188 if (len > 0) {
189 s = mempcpy(s, str, len);
190 str += len;
191 } else {
192 s = stpcpy(s, UTF8_REPLACEMENT_CHARACTER"\xef\xbf\xbd");
193 str += 1;
194 }
195 }
196
197 *s = '\0';
198
199 return p;
200}
201
202char *utf8_escape_non_printable(const char *str) {
203 char *p, *s;
204
205 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 205, __PRETTY_FUNCTION__
); } while (0);
206
207 p = s = malloc(strlen(str) * 4 + 1);
208 if (!p)
209 return NULL((void*)0);
210
211 while (*str) {
212 int len;
213
214 len = utf8_encoded_valid_unichar(str);
215 if (len > 0) {
216 if (utf8_is_printable(str, len)utf8_is_printable_newline(str, len, 1)) {
217 s = mempcpy(s, str, len);
218 str += len;
219 } else {
220 while (len > 0) {
221 *(s++) = '\\';
222 *(s++) = 'x';
223 *(s++) = hexchar((int) *str >> 4);
224 *(s++) = hexchar((int) *str);
225
226 str += 1;
227 len--;
228 }
229 }
230 } else {
231 s = stpcpy(s, UTF8_REPLACEMENT_CHARACTER"\xef\xbf\xbd");
232 str += 1;
233 }
234 }
235
236 *s = '\0';
237
238 return p;
239}
240
241char *ascii_is_valid(const char *str) {
242 const char *p;
243
244 /* Check whether the string consists of valid ASCII bytes,
245 * i.e values between 0 and 127, inclusive. */
246
247 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 247, __PRETTY_FUNCTION__
); } while (0);
248
249 for (p = str; *p; p++)
250 if ((unsigned char) *p >= 128)
251 return NULL((void*)0);
252
253 return (char*) str;
254}
255
256char *ascii_is_valid_n(const char *str, size_t len) {
257 size_t i;
258
259 /* Very similar to ascii_is_valid(), but checks exactly len
260 * bytes and rejects any NULs in that range. */
261
262 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 262, __PRETTY_FUNCTION__
); } while (0);
263
264 for (i = 0; i < len; i++)
265 if ((unsigned char) str[i] >= 128 || str[i] == 0)
266 return NULL((void*)0);
267
268 return (char*) str;
269}
270
271/**
272 * utf8_encode_unichar() - Encode single UCS-4 character as UTF-8
273 * @out_utf8: output buffer of at least 4 bytes or NULL
274 * @g: UCS-4 character to encode
275 *
276 * This encodes a single UCS-4 character as UTF-8 and writes it into @out_utf8.
277 * The length of the character is returned. It is not zero-terminated! If the
278 * output buffer is NULL, only the length is returned.
279 *
280 * Returns: The length in bytes that the UTF-8 representation does or would
281 * occupy.
282 */
283size_t utf8_encode_unichar(char *out_utf8, char32_t g) {
284
285 if (g < (1 << 7)) {
286 if (out_utf8)
287 out_utf8[0] = g & 0x7f;
288 return 1;
289 } else if (g < (1 << 11)) {
290 if (out_utf8) {
291 out_utf8[0] = 0xc0 | ((g >> 6) & 0x1f);
292 out_utf8[1] = 0x80 | (g & 0x3f);
293 }
294 return 2;
295 } else if (g < (1 << 16)) {
296 if (out_utf8) {
297 out_utf8[0] = 0xe0 | ((g >> 12) & 0x0f);
298 out_utf8[1] = 0x80 | ((g >> 6) & 0x3f);
299 out_utf8[2] = 0x80 | (g & 0x3f);
300 }
301 return 3;
302 } else if (g < (1 << 21)) {
303 if (out_utf8) {
304 out_utf8[0] = 0xf0 | ((g >> 18) & 0x07);
305 out_utf8[1] = 0x80 | ((g >> 12) & 0x3f);
306 out_utf8[2] = 0x80 | ((g >> 6) & 0x3f);
307 out_utf8[3] = 0x80 | (g & 0x3f);
308 }
309 return 4;
310 }
311
312 return 0;
313}
314
315char *utf16_to_utf8(const void *s, size_t length) {
316 const uint8_t *f;
317 char *r, *t;
318
319 r = new(char, (length * 4 + 1) / 2 + 1)((char*) malloc_multiply(sizeof(char), ((length * 4 + 1) / 2 +
1)));
1
Calling 'malloc_multiply'
4
Returned allocated memory
320 if (!r)
5
Assuming 'r' is non-null
6
Taking false branch
321 return NULL((void*)0);
322
323 f = s;
324 t = r;
325
326 while (f < (const uint8_t*) s + length) {
7
Assuming the condition is false
8
Loop condition is false. Execution continues on line 356
327 char16_t w1, w2;
328
329 /* see RFC 2781 section 2.2 */
330
331 w1 = f[1] << 8 | f[0];
332 f += 2;
333
334 if (!utf16_is_surrogate(w1)) {
335 t += utf8_encode_unichar(t, w1);
336
337 continue;
338 }
339
340 if (utf16_is_trailing_surrogate(w1))
341 continue;
342 else if (f >= (const uint8_t*) s + length)
343 break;
344
345 w2 = f[1] << 8 | f[0];
346 f += 2;
347
348 if (!utf16_is_trailing_surrogate(w2)) {
349 f -= 2;
350 continue;
351 }
352
353 t += utf8_encode_unichar(t, utf16_surrogate_pair_to_unichar(w1, w2));
354 }
355
356 *t = 0;
9
Use of zero-allocated memory
357 return r;
358}
359
360/* expected size used to encode one unicode char */
361static int utf8_unichar_to_encoded_len(char32_t unichar) {
362
363 if (unichar < 0x80)
364 return 1;
365 if (unichar < 0x800)
366 return 2;
367 if (unichar < 0x10000)
368 return 3;
369 if (unichar < 0x200000)
370 return 4;
371 if (unichar < 0x4000000)
372 return 5;
373
374 return 6;
375}
376
377/* validate one encoded unicode char and return its length */
378int utf8_encoded_valid_unichar(const char *str) {
379 int len, i, r;
380 char32_t unichar;
381
382 assert(str)do { if ((__builtin_expect(!!(!(str)),0))) log_assert_failed_realm
(LOG_REALM_SYSTEMD, ("str"), "../src/basic/utf8.c", 382, __PRETTY_FUNCTION__
); } while (0);
383
384 len = utf8_encoded_expected_len(str);
385 if (len == 0)
386 return -EINVAL22;
387
388 /* ascii is valid */
389 if (len == 1)
390 return 1;
391
392 /* check if expected encoded chars are available */
393 for (i = 0; i < len; i++)
394 if ((str[i] & 0x80) != 0x80)
395 return -EINVAL22;
396
397 r = utf8_encoded_to_unichar(str, &unichar);
398 if (r < 0)
399 return r;
400
401 /* check if encoded length matches encoded value */
402 if (utf8_unichar_to_encoded_len(unichar) != len)
403 return -EINVAL22;
404
405 /* check if value has valid range */
406 if (!unichar_is_valid(unichar))
407 return -EINVAL22;
408
409 return len;
410}
411
412size_t utf8_n_codepoints(const char *str) {
413 size_t n = 0;
414
415 /* Returns the number of UTF-8 codepoints in this string, or (size_t) -1 if the string is not valid UTF-8. */
416
417 while (*str != 0) {
418 int k;
419
420 k = utf8_encoded_valid_unichar(str);
421 if (k < 0)
422 return (size_t) -1;
423
424 str += k;
425 n++;
426 }
427
428 return n;
429}
430
431size_t utf8_console_width(const char *str) {
432 size_t n = 0;
433
434 /* Returns the approximate width a string will take on screen when printed on a character cell
435 * terminal/console. */
436
437 while (*str != 0) {
438 char32_t c;
439
440 if (utf8_encoded_to_unichar(str, &c) < 0)
441 return (size_t) -1;
442
443 str = utf8_next_char(str)(char *)((str) + utf8_skip_data[*(const unsigned char *)(str)
]);
444
445 n += unichar_iswide(c) ? 2 : 1;
446 }
447
448 return n;
449}

../src/basic/alloc-util.h

1/* SPDX-License-Identifier: LGPL-2.1+ */
2#pragma once
3
4#include <alloca.h>
5#include <stddef.h>
6#include <stdlib.h>
7#include <string.h>
8
9#include "macro.h"
10
11#define new(t, n)((t*) malloc_multiply(sizeof(t), (n))) ((t*) malloc_multiply(sizeof(t), (n)))
12
13#define new0(t, n)((t*) calloc((n), sizeof(t))) ((t*) calloc((n), sizeof(t)))
14
15#define newa(t, n)({ do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 15, __PRETTY_FUNCTION__); } while
(0); (t*) __builtin_alloca (sizeof(t)*(n)); }) \
16 ({ \
17 assert(!size_multiply_overflow(sizeof(t), n))do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 17, __PRETTY_FUNCTION__); } while
(0); \
18 (t*) alloca(sizeof(t)*(n))__builtin_alloca (sizeof(t)*(n)); \
19 })
20
21#define newa0(t, n)({ do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 21, __PRETTY_FUNCTION__); } while
(0); (t*) ({ char *_new_; size_t _len_ = sizeof(t)*(n); _new_
= __builtin_alloca (_len_); (void *) memset(_new_, 0, _len_)
; }); }) \
22 ({ \
23 assert(!size_multiply_overflow(sizeof(t), n))do { if ((__builtin_expect(!!(!(!size_multiply_overflow(sizeof
(t), n))),0))) log_assert_failed_realm(LOG_REALM_SYSTEMD, ("!size_multiply_overflow(sizeof(t), n)"
), "../src/basic/alloc-util.h", 23, __PRETTY_FUNCTION__); } while
(0); \
24 (t*) alloca0(sizeof(t)*(n))({ char *_new_; size_t _len_ = sizeof(t)*(n); _new_ = __builtin_alloca
(_len_); (void *) memset(_new_, 0, _len_); }); \
25 })
26
27#define newdup(t, p, n)((t*) memdup_multiply(p, sizeof(t), (n))) ((t*) memdup_multiply(p, sizeof(t), (n)))
28
29#define newdup_suffix0(t, p, n)((t*) memdup_suffix0_multiply(p, sizeof(t), (n))) ((t*) memdup_suffix0_multiply(p, sizeof(t), (n)))
30
31#define malloc0(n)(calloc(1, (n))) (calloc(1, (n)))
32
33static inline void *mfree(void *memory) {
34 free(memory);
35 return NULL((void*)0);
36}
37
38#define free_and_replace(a, b)({ free(a); (a) = (b); (b) = ((void*)0); 0; }) \
39 ({ \
40 free(a); \
41 (a) = (b); \
42 (b) = NULL((void*)0); \
43 0; \
44 })
45
46void* memdup(const void *p, size_t l) _alloc_(2);
47void* memdup_suffix0(const void *p, size_t l) _alloc_(2);
48
49static inline void freep(void *p) {
50 free(*(void**) p);
51}
52
53#define _cleanup_free___attribute__((cleanup(freep))) _cleanup_(freep)__attribute__((cleanup(freep)))
54
55static inline bool_Bool size_multiply_overflow(size_t size, size_t need) {
56 return _unlikely_(need != 0 && size > (SIZE_MAX / need))(__builtin_expect(!!(need != 0 && size > ((18446744073709551615UL
) / need)),0));
57}
58
59_malloc___attribute__ ((malloc)) _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t need) {
60 if (size_multiply_overflow(size, need))
2
Taking false branch
61 return NULL((void*)0);
62
63 return malloc(size * need);
3
Memory is allocated
64}
65
66#if !HAVE_REALLOCARRAY1
67_alloc_(2, 3) static inline void *reallocarray(void *p, size_t need, size_t size) {
68 if (size_multiply_overflow(size, need))
69 return NULL((void*)0);
70
71 return realloc(p, size * need);
72}
73#endif
74
75_alloc_(2, 3) static inline void *memdup_multiply(const void *p, size_t size, size_t need) {
76 if (size_multiply_overflow(size, need))
77 return NULL((void*)0);
78
79 return memdup(p, size * need);
80}
81
82_alloc_(2, 3) static inline void *memdup_suffix0_multiply(const void *p, size_t size, size_t need) {
83 if (size_multiply_overflow(size, need))
84 return NULL((void*)0);
85
86 return memdup_suffix0(p, size * need);
87}
88
89void* greedy_realloc(void **p, size_t *allocated, size_t need, size_t size);
90void* greedy_realloc0(void **p, size_t *allocated, size_t need, size_t size);
91
92#define GREEDY_REALLOC(array, allocated, need)greedy_realloc((void**) &(array), &(allocated), (need
), sizeof((array)[0])) \
93 greedy_realloc((void**) &(array), &(allocated), (need), sizeof((array)[0]))
94
95#define GREEDY_REALLOC0(array, allocated, need)greedy_realloc0((void**) &(array), &(allocated), (need
), sizeof((array)[0])) \
96 greedy_realloc0((void**) &(array), &(allocated), (need), sizeof((array)[0]))
97
98#define alloca0(n)({ char *_new_; size_t _len_ = n; _new_ = __builtin_alloca (_len_
); (void *) memset(_new_, 0, _len_); }) \
99 ({ \
100 char *_new_; \
101 size_t _len_ = n; \
102 _new_ = alloca(_len_)__builtin_alloca (_len_); \
103 (void *) memset(_new_, 0, _len_); \
104 })
105
106/* It's not clear what alignment glibc/gcc alloca() guarantee, hence provide a guaranteed safe version */
107#define alloca_align(size, align)({ void *_ptr_; size_t _mask_ = (align) - 1; _ptr_ = __builtin_alloca
((size) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) &
~_mask_); }) \
108 ({ \
109 void *_ptr_; \
110 size_t _mask_ = (align) - 1; \
111 _ptr_ = alloca((size) + _mask_)__builtin_alloca ((size) + _mask_); \
112 (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_); \
113 })
114
115#define alloca0_align(size, align)({ void *_new_; size_t _size_ = (size); _new_ = ({ void *_ptr_
; size_t _mask_ = ((align)) - 1; _ptr_ = __builtin_alloca ((_size_
) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) & ~_mask_
); }); (void*)memset(_new_, 0, _size_); }) \
116 ({ \
117 void *_new_; \
118 size_t _size_ = (size); \
119 _new_ = alloca_align(_size_, (align))({ void *_ptr_; size_t _mask_ = ((align)) - 1; _ptr_ = __builtin_alloca
((_size_) + _mask_); (void*)(((uintptr_t)_ptr_ + _mask_) &
~_mask_); }); \
120 (void*)memset(_new_, 0, _size_); \
121 })
122
123/* Takes inspiration from Rusts's Option::take() method: reads and returns a pointer, but at the same time resets it to
124 * NULL. See: https://doc.rust-lang.org/std/option/enum.Option.html#method.take */
125#define TAKE_PTR(ptr)({ typeof(ptr) _ptr_ = (ptr); (ptr) = ((void*)0); _ptr_; }) \
126 ({ \
127 typeof(ptr) _ptr_ = (ptr); \
128 (ptr) = NULL((void*)0); \
129 _ptr_; \
130 })