From ace00b6c24ff042478c6f0aabf390fb878a05960 Mon Sep 17 00:00:00 2001
From: otto <>
Date: Sun, 26 Mar 2017 09:21:33 +0000
Subject: Stop enumeration all allocation functions, just say "allocation
 functions" ok jmc@ deraadt@

---
 src/lib/libc/stdlib/malloc.3 | 45 +++++++++++++-------------------------------
 1 file changed, 13 insertions(+), 32 deletions(-)

(limited to 'src/lib/libc/stdlib/malloc.3')

diff --git a/src/lib/libc/stdlib/malloc.3 b/src/lib/libc/stdlib/malloc.3
index 3c4d01f816..09b901e359 100644
--- a/src/lib/libc/stdlib/malloc.3
+++ b/src/lib/libc/stdlib/malloc.3
@@ -30,9 +30,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"	$OpenBSD: malloc.3,v 1.106 2017/03/24 16:17:50 otto Exp $
+.\"	$OpenBSD: malloc.3,v 1.107 2017/03/26 09:21:33 otto Exp $
 .\"
-.Dd $Mdocdate: March 24 2017 $
+.Dd $Mdocdate: March 26 2017 $
 .Dt MALLOC 3
 .Os
 .Sh NAME
@@ -164,20 +164,11 @@ pointer, no action occurs.
 If
 .Fa ptr
 was previously freed by
-.Fn free ,
-.Fn realloc ,
-.Fn reallocarray
-or
-.Fn recallocarray ,
+.Fn free
+or an allocation function,
 the behavior is undefined and the double free is a security concern.
 .Sh RETURN VALUES
-Upon successful completion, the functions
-.Fn malloc ,
-.Fn calloc ,
-.Fn realloc ,
-.Fn reallocarray
-and
-.Fn recallocarray
+Upon successful completion, the allocation functions
 return a pointer to the allocated space; otherwise, a
 .Dv NULL
 pointer is returned and
@@ -380,9 +371,10 @@ if ((p = malloc(size * num)) == NULL)
 Assuming the implementation checks for integer overflow as
 .Ox
 does, it is much easier to use
-.Fn calloc
+.Fn calloc ,
+.Fn reallocarray ,
 or
-.Fn reallocarray .
+.Fn recallocarray .
 .Pp
 The above examples could be simplified to:
 .Bd -literal -offset indent
@@ -396,14 +388,7 @@ if ((p = calloc(num, size)) == NULL)
 	err(1, NULL);
 .Ed
 .Sh DIAGNOSTICS
-If
-.Fn malloc ,
-.Fn calloc ,
-.Fn realloc ,
-.Fn reallocarray ,
-or
-.Fn free
-detect an error condition,
+If any of the functions detect an error condition,
 a message will be printed to file descriptor
 2 (not using stdio).
 Errors will result in the process being aborted.
@@ -413,12 +398,7 @@ Here is a brief description of the error messages and what they mean:
 .It Dq out of memory
 If the
 .Cm X
-option is specified it is an error for
-.Fn malloc ,
-.Fn calloc ,
-.Fn realloc ,
-or
-.Fn reallocarray
+option is specified it is an error for the allocation functions
 to return
 .Dv NULL .
 .It Dq malloc init mmap failed
@@ -588,9 +568,10 @@ An attacker may be able to leverage this heap corruption to execute arbitrary
 code.
 .Pp
 Consider using
-.Fn calloc
-or
+.Fn calloc ,
 .Fn reallocarray
+or
+.Fn recallocarray
 instead of using multiplication in
 .Fn malloc
 and
-- 
cgit v1.2.3-55-g6feb