Fix a memory leak and an access out of bounds #2

Open
asammouda wants to merge 2 commits into mirror:master from asammouda:master

@asammouda

No description provided.

@asammouda
Author

Missing fclose

@asammouda
Author

iso9660: hs.id Buffer is accessed out of bounds when its content is compared to "CDROM"

@asammouda changed the title from "applets: Missing fclose" to "Fix a memory leak and an access out of bounds" on Feb 15, 2017
okuoku pushed a commit to okuoku/wasmlinux-busybox that referenced this pull request Nov 12, 2023
When I planned to print the command in read_line_input, I found that after
the system started, the command printed for the first time was always
garbled.

After analysis, it is found that in the init() function of ash, the
variable basepf.buf is not initialized after applying for memory, resulting
in garbled initial data. Then assign it to the global variable
g_parsefile->buf in ash.c, and then pass g_parsefile->buf to the parameter
command of the function read_line_input in the function preadfd(), and
finally cause it to be garbled when the command is printed by
read_line_input.

The call stack is as follows:
 #0  read_line_input (st=0xb6fff220, prompt=0xb6ffc910 "\\[\\033[32m\\]\\h \\w\\[\\033[m\\] \\$ ", command=command@entry=0xb6ffc230 "P\325\377\266P\325\377\266", maxsize=maxsize@entry=1024) at libbb/lineedit.c:2461
 #1  0x0043ef8c in preadfd () at shell/ash.c:10812
 #2  preadbuffer () at shell/ash.c:10914
 #3  pgetc () at shell/ash.c:10997
 #4  0x00440c20 in pgetc_eatbnl () at shell/ash.c:11039
 #5  0x00440cbc in xxreadtoken () at shell/ash.c:13157
 #6  0x00440f40 in readtoken () at shell/ash.c:13268
 #7  0x00441234 in list (nlflag=nlflag@entry=1) at shell/ash.c:11782
 #8  0x004420e8 in parsecmd (interact=<optimized out>) at shell/ash.c:13344
 #9  0x00442c34 in cmdloop (top=top@entry=1) at shell/ash.c:13549
 #10 0x00444e4c in ash_main (argc=<optimized out>, argv=0x444e4c <ash_main+1328>) at shell/ash.c:14747
 #11 0x00407954 in run_applet_no_and_exit (applet_no=9, name=<optimized out>, argv=0xbefffd34) at libbb/appletlib.c:1024
 #12 0x00407b68 in run_applet_and_exit (name=0xbefffe56 "ash", argv=0x9) at libbb/appletlib.c:1047
 #13 0x00407f88 in main (argc=<optimized out>, argv=0xbefffd34) at libbb/appletlib.c:1181

Fixes: 82dd14a ("ash: use CONFIG_FEATURE_EDITING_MAX_LEN")

Signed-off-by: zhuyan <zhuyan34@huawei.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
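
The path this commit message describes (a buffer allocated in init() and handed to a reader that looks at it before anything is written), modelled as an added example that is not BusyBox code. The struct, the function names, the IBUFSIZ value and the poison byte are assumptions, and zero-filling is shown as one way to initialise the buffer, not necessarily what the referenced commit does.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IBUFSIZ 1024   /* assumed size; the trace shows maxsize=1024 */
#define POISON  0xA5   /* constructed fill byte standing in for stale heap data */
struct parsefile { char *buf; };   /* simplified model, not ash's real struct */

/* Test allocator: poison fresh memory so an uninitialised read is
 * reproducible instead of depending on whatever the heap held before. */
static void *poison_malloc(size_t n)
{
    void *p = malloc(n);
    if (p) memset(p, POISON, n);
    return p;
}

/* Models init(): allocate the input buffer; zero_it applies the fix. */
static int init_parsefile(struct parsefile *pf, int zero_it)
{
    pf->buf = poison_malloc(IBUFSIZ);
    if (pf->buf && zero_it)
        memset(pf->buf, 0, IBUFSIZ);
    return pf->buf ? 0 : -1;
}

/* Models a reader that looks at `command` before writing to it: returns
 * how many bytes a "%s" print would emit, bounded by maxsize. */
static size_t stale_bytes_seen(const char *command, size_t maxsize)
{
    const char *nul = memchr(command, 0, maxsize);
    return nul ? (size_t)(nul - command) : maxsize;
}

static size_t run_path(int zero_it)
{
    struct parsefile pf;
    size_t seen = (size_t)-1;
    if (init_parsefile(&pf, zero_it) == 0) {
        seen = stale_bytes_seen(pf.buf, IBUFSIZ);
        free(pf.buf);
    }
    return seen;
}

int main(void)
{
    printf("uninitialised: %zu, zero-filled: %zu stale bytes\n", run_path(0), run_path(1));
    return 0;
}
```

With the poisoned allocator the unfixed path exposes the whole buffer as stale data on every run, which is what makes this class of bug easy to catch in a test build.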
robang74 referenced this pull request in robang74/busybox Apr 9, 2026
Status: patch applies cleanly apart concat_path_file_fast() manually added

From 69312a6928c188ac8be3c714db3a53724b85dd09 Mon Sep 17 00:00:00 2001
From: Jody Bruchon <jody@jodybruchon.com>
Date: Wed, 10 Apr 2024 18:08:00 -0400
Subject: [PATCH v2] Huge performance boost for recursion (cp, du, find, ls, rm, mv)

This patch uses pre-calculated name lengths to massively speed up various
recursive operations. Three new *_fast variant functions are added along
with get_d_namlen copied from libjodycode. Passing lengths allows use of
memcpy() instead of strcpy()/strcat() and replacement of a particularly
hot xasprintf(). Cachegrind shows CPU instructions on Linux x86_64 drop
by 24% to 67% with similar reductions in data reads and writes.

Anything in BusyBox that uses a while(readdir()) loop or that calls
concat_*path_file() or last_char_is() might benefit from adopting this
optimization framework.

Bloat-O-Meter:

function                                             old     new   delta
concat_path_file_fast                                  -     194    +194
get_d_namlen                                           -      36     +36
concat_subpath_file_fast                               -      31     +31
last_char_is_fast                                      -      26     +26
complete_cmd_dir_file                                992    1002     +10
copy_file                                           1831    1834      +3
remove_file                                          708     707      -1
recursive_action1                                    420     419      -1
du                                                   468     467      -1
scan_and_display_dirs_recur                          675     672      -3
concat_subpath_file                                   39       -     -39
------------------------------------------------------------------------------
(add/remove: 5/1 grow/shrink: 2/4 up/down: 300/-45)           Total: 255 bytes

Cachegrind tests (-original, +improved):

--------------------------------------------------------------------------------
            Ir                  I1mr           ILmr           Dr                 D1mr           DLmr           Dw                 D1mw           DLmw
--------------------------------------------------------------------------------
cg_diff_cp:-1,811,369 (100.0%) 1,544 (100.0%) 1,514 (100.0%) 379,597 (100.0%) 3,151 (100.0%) 2,183 (100.0%) 249,874 (100.0%) 1,218 (100.0%) 1,160 (100.0%)  PROGRAM TOTALS
cg_diff_cp:+1,310,239 (100.0%) 1,550 (100.0%) 1,519 (100.0%) 290,298 (100.0%) 3,152 (100.0%) 2,183 (100.0%) 184,883 (100.0%) 1,218 (100.0%) 1,160 (100.0%)  PROGRAM TOTALS

cg_diff_du:-11,080,026 (100.0%) 1,692 (100.0%) 1,627 (100.0%) 2,345,969 (100.0%) 5,603 (100.0%) 2,524 (100.0%) 1,537,107 (100.0%) 1,838 (100.0%) 1,342 (100.0%)  PROGRAM TOTALS
cg_diff_du:+4,522,979 (100.0%) 1,635 (100.0%) 1,592 (100.0%) 1,189,256 (100.0%) 4,911 (100.0%) 2,513 (100.0%) 784,551 (100.0%) 1,636 (100.0%) 1,287 (100.0%)  PROGRAM TOTALS

cg_diff_find:-10,719,682 (100.0%) 1,638 (100.0%) 1,592 (100.0%) 2,360,985 (100.0%) 4,149 (100.0%) 2,634 (100.0%) 1,493,014 (100.0%) 1,096 (100.0%) 836 (100.0%)  PROGRAM TOTALS
cg_diff_find:+4,212,414 (100.0%) 1,527 (100.0%) 1,498 (100.0%) 1,215,858 (100.0%) 3,748 (100.0%) 2,629 (100.0%) 734,040 (100.0%) 850 (100.0%) 732 (100.0%)  PROGRAM TOTALS

cg_diff_ls:-17,363,363 (100.0%) 1,984 (100.0%) 1,731 (100.0%) 3,751,223 (100.0%) 33,435 (100.0%) 2,439 (100.0%) 2,805,925 (100.0%) 9,422 (100.0%) 2,713 (100.0%)  PROGRAM TOTALS
cg_diff_ls:+11,166,139 (100.0%) 1,774 (100.0%) 1,683 (100.0%) 2,666,248 (100.0%) 31,111 (100.0%) 2,671 (100.0%) 2,100,224 (100.0%) 9,007 (100.0%) 2,474 (100.0%)  PROGRAM TOTALS

cg_diff_rm:-6,176,069 (100.0%) 1,585 (100.0%) 1,537 (100.0%) 1,298,524 (100.0%) 3,536 (100.0%) 2,351 (100.0%) 830,656 (100.0%) 905 (100.0%) 802 (100.0%)  PROGRAM TOTALS
cg_diff_rm:+2,039,241 (100.0%) 1,459 (100.0%) 1,429 (100.0%) 573,877 (100.0%) 3,361 (100.0%) 2,438 (100.0%) 379,660 (100.0%) 724 (100.0%) 663 (100.0%)  PROGRAM TOTALS

svlogd: rmoldest(): use get_d_namlen()
last_char_is_fast: more robust parameter check

concat_path_file_fast: copy null byte instead of adding one later

The file name will always end in a null byte, so copy it, saving
18 bytes of code.

function                                             old     new   delta
concat_path_file_fast                                193     175     -18
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-18)             Total: -18 bytes

Signed-off-by: Jody Bruchon <jody@jodybruchon.com>
Signed-off-by: Roberto A. Foglietta <roberto.foglietta@gmail.com>

This is the commit message #2:

cache performance boost for recursion, cleanup

Comments removal related to functions changed, good for patch inspection
by the patch's author but not for production. Hence janitoring the patch.

Signed-off-by: Roberto A. Foglietta <roberto.foglietta@gmail.com>

This is the commit message #3:

cache performance boost for recursion, xmalloc

Signed-off-by: Roberto A. Foglietta <roberto.foglietta@gmail.com>