Avoid writing in second person in malloc.3

ok deraadt@
author: doug <> 2014-10-22 05:19:27 +0000
committer: doug <> 2014-10-22 05:19:27 +0000
commit: 7ccbe9ff89c73fb88bf75fca3085b051d45f2f64 (patch)
tree: 47cdaee64f407c6e04010fbc7347f1b262d27be6 /src
parent: 785282b5b9dd6b6677feec360b12d5162c203b52 (diff)
download: openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.tar.gz
openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.tar.bz2
openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.zip
1 files changed, 12 insertions, 13 deletions
diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3
index 8305b14d35..caf1da2207 100644
--- a/src/lib/libc/stdlib/malloc.3
+++ b/src/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"     $OpenBSD: malloc.3,v 1.81 2014/10/20 19:35:23 schwarze Exp $
+.\"     $OpenBSD: malloc.3,v 1.82 2014/10/22 05:19:27 doug Exp $
 .\"
-.Dd $Mdocdate: October 20 2014 $
+.Dd $Mdocdate: October 22 2014 $
 .Dt MALLOC 3
 .Os
 .Sh NAME
@@ -195,7 +195,7 @@ Consider
 .Fn calloc
 or the extension
 .Fn reallocarray
-when you have multiplication in the
+when there is multiplication in the
 .Fa size
 argument of
 .Fn malloc
@@ -648,26 +648,25 @@ When using
 .Fn malloc ,
 be wary of signed integer and
 .Vt size_t
-overflow especially when you
+overflow especially when there is multiplication in the
-have multiplication in the
 .Fa size
 argument.
 .Pp
 Signed integer overflow will cause undefined behavior which compilers
 typically handle by wrapping back around to negative numbers.
 Depending on the input, this can result in allocating more or less
-memory than you intended.
+memory than intended.
 .Pp
-An unsigned overflow has defined behavior which will wrap back around and you
+An unsigned overflow has defined behavior which will wrap back around and
-will receive less memory than you intended.
+return less memory than intended.
 .Pp
 A signed or unsigned integer overflow is a
 .Em security
-risk if you end up allocating less memory than you intended.
+risk if less memory is returned than intended.
-Your code may corrupt the heap by writing beyond the memory that you
+Subsequent code may corrupt the heap by writing beyond the memory that was
-were allocated.
+allocated.
-An attacker may be able to leverage this heap corruption to convince your
+An attacker may be able to leverage this heap corruption to execute arbitrary
-program to execute arbitrary code.
+code.
 .Pp
 Consider using
 .Fn calloc
author	doug <>	2014-10-22 05:19:27 +0000
committer	doug <>	2014-10-22 05:19:27 +0000
commit	7ccbe9ff89c73fb88bf75fca3085b051d45f2f64 (patch)
tree	47cdaee64f407c6e04010fbc7347f1b262d27be6 /src
parent	785282b5b9dd6b6677feec360b12d5162c203b52 (diff)
download	openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.tar.gz openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.tar.bz2 openbsd-7ccbe9ff89c73fb88bf75fca3085b051d45f2f64.zip

diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3 index 8305b14d35..caf1da2207 100644 --- a/src/lib/libc/stdlib/malloc.3 +++ b/src/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
30	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF	30	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31	.\" SUCH DAMAGE.	31	.\" SUCH DAMAGE.
32	.\"	32	.\"
33	.\" $OpenBSD: malloc.3,v 1.81 2014/10/20 19:35:23 schwarze Exp $	33	.\" $OpenBSD: malloc.3,v 1.82 2014/10/22 05:19:27 doug Exp $
34	.\"	34	.\"
35	.Dd $Mdocdate: October 20 2014 $	35	.Dd $Mdocdate: October 22 2014 $
36	.Dt MALLOC 3	36	.Dt MALLOC 3
37	.Os	37	.Os
38	.Sh NAME	38	.Sh NAME
@@ -195,7 +195,7 @@ Consider
195	.Fn calloc	195	.Fn calloc
196	or the extension	196	or the extension
197	.Fn reallocarray	197	.Fn reallocarray
198	when you have multiplication in the	198	when there is multiplication in the
199	.Fa size	199	.Fa size
200	argument of	200	argument of
201	.Fn malloc	201	.Fn malloc
@@ -648,26 +648,25 @@ When using
648	.Fn malloc ,	648	.Fn malloc ,
649	be wary of signed integer and	649	be wary of signed integer and
650	.Vt size_t	650	.Vt size_t
651	overflow especially when you	651	overflow especially when there is multiplication in the
652	have multiplication in the
653	.Fa size	652	.Fa size
654	argument.	653	argument.
655	.Pp	654	.Pp
656	Signed integer overflow will cause undefined behavior which compilers	655	Signed integer overflow will cause undefined behavior which compilers
657	typically handle by wrapping back around to negative numbers.	656	typically handle by wrapping back around to negative numbers.
658	Depending on the input, this can result in allocating more or less	657	Depending on the input, this can result in allocating more or less
659	memory than you intended.	658	memory than intended.
660	.Pp	659	.Pp
661	An unsigned overflow has defined behavior which will wrap back around and you	660	An unsigned overflow has defined behavior which will wrap back around and
662	will receive less memory than you intended.	661	return less memory than intended.
663	.Pp	662	.Pp
664	A signed or unsigned integer overflow is a	663	A signed or unsigned integer overflow is a
665	.Em security	664	.Em security
666	risk if you end up allocating less memory than you intended.	665	risk if less memory is returned than intended.
667	Your code may corrupt the heap by writing beyond the memory that you	666	Subsequent code may corrupt the heap by writing beyond the memory that was
668	were allocated.	667	allocated.
669	An attacker may be able to leverage this heap corruption to convince your	668	An attacker may be able to leverage this heap corruption to execute arbitrary
670	program to execute arbitrary code.	669	code.
671	.Pp	670	.Pp
672	Consider using	671	Consider using
673	.Fn calloc	672	.Fn calloc