From b73a3856961f96169e87600ec6bcd95dfdc8be94 Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 27 Aug 2024 10:38:18 +1000
Subject: [PATCH 1/2] Define ISC_ATTR_UNUSED macro for
 __attribute__((__unused__))

The ISC_ATTR_UNUSED macro was missing in BIND 9.18, which
complicated things when backporting merge requests from main.
As __attribute__((__unused__)) is ubiquitous, just define the
macro.
---
 lib/isc/include/isc/attributes.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/isc/include/isc/attributes.h b/lib/isc/include/isc/attributes.h
index abe615223e..f38a558552 100644
--- a/lib/isc/include/isc/attributes.h
+++ b/lib/isc/include/isc/attributes.h
@@ -80,3 +80,5 @@
 #define ISC_ATTR_MALLOC_DEALLOCATOR(deallocator)
 #define ISC_ATTR_MALLOC_DEALLOCATOR_IDX(deallocator, idx)
 #endif /* HAVE_FUNC_ATTRIBUTE_MALLOC */
+
+#define ISC_ATTR_UNUSED __attribute__((__unused__))

From 015b390f62d77192486b4950355df530976f4d40 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@isc.org>
Date: Fri, 23 Aug 2024 06:02:00 +0200
Subject: [PATCH 2/2] Stop using malloc_usable_size and malloc_size
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Although the nanual page of malloc_usable_size says:

    Although the excess bytes can be over‐written by the application
    without ill effects, this is not good programming practice: the
    number of excess bytes in an allocation depends on the underlying
    implementation.

it looks like the premise is broken with _FORTIFY_SOURCE=3 on newer
systems and it might return a value that causes program to stop with
"buffer overflow" detected from the _FORTIFY_SOURCE.  As we do have own
implementation that tracks the allocation size that we can use to track
the allocation size, we can stop relying on this introspection function.

Also the newer manual page for malloc_usable_size changed the NOTES to:

    The value returned by malloc_usable_size() may be greater than the
    requested size of the allocation because of various internal
    implementation details, none of which the programmer should rely on.
    This function is intended to only be used for diagnostics and
    statistics; writing to the excess memory without first calling
    realloc(3) to resize the allocation is not supported.  The returned
    value is only valid at the time of the call.

Remove usage of both malloc_usable_size() and malloc_size() to be on the
safe size and only use the internal size tracking mechanism when
jemalloc is not available.

(cherry picked from commit d61712d14e5aeb179b3ea54a71a599927425732a)
---
 configure.ac            |  3 +-
 lib/isc/jemalloc_shim.h | 72 ++---------------------------------------
 2 files changed, 3 insertions(+), 72 deletions(-)

diff --git a/configure.ac b/configure.ac
index 87640ae43b..1e80fba356 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1301,8 +1301,7 @@ AS_CASE([$with_jemalloc],
 
 AS_IF([test "$with_jemalloc" = "no"],
       [AS_CASE([$host],
-	       [*-freebsd*],[AC_MSG_ERROR([You cannot compile without jemalloc; jemalloc is the system allocator on FreeBSD])])
-       AC_CHECK_FUNCS([malloc_size malloc_usable_size])])
+	       [*-freebsd*],[AC_MSG_ERROR([You cannot compile without jemalloc; jemalloc is the system allocator on FreeBSD])])])
 
 AM_CONDITIONAL([HAVE_JEMALLOC], [test "$with_jemalloc" = "yes"])
 
diff --git a/lib/isc/jemalloc_shim.h b/lib/isc/jemalloc_shim.h
index 493bf5ffc0..9f7bc9db31 100644
--- a/lib/isc/jemalloc_shim.h
+++ b/lib/isc/jemalloc_shim.h
@@ -27,67 +27,6 @@ const char *malloc_conf = NULL;
 #define MALLOCX_TCACHE_NONE (0)
 #define MALLOCX_ARENA(a)    (0)
 
-#if defined(HAVE_MALLOC_SIZE) || defined(HAVE_MALLOC_USABLE_SIZE)
-
-#include <stdlib.h>
-
-static inline void *
-mallocx(size_t size, int flags) {
-	UNUSED(flags);
-
-	return (malloc(size));
-}
-
-static inline void
-sdallocx(void *ptr, size_t size, int flags) {
-	UNUSED(size);
-	UNUSED(flags);
-
-	free(ptr);
-}
-
-static inline void *
-rallocx(void *ptr, size_t size, int flags) {
-	UNUSED(flags);
-	REQUIRE(size != 0);
-
-	return (realloc(ptr, size));
-}
-
-#ifdef HAVE_MALLOC_SIZE
-
-#include <malloc/malloc.h>
-
-static inline size_t
-sallocx(void *ptr, int flags) {
-	UNUSED(flags);
-
-	return (malloc_size(ptr));
-}
-
-#elif HAVE_MALLOC_USABLE_SIZE
-
-#ifdef __DragonFly__
-/*
- * On DragonFly BSD 'man 3 malloc' advises us to include the following
- * header to have access to malloc_usable_size().
- */
-#include <malloc_np.h>
-#else
-#include <malloc.h>
-#endif
-
-static inline size_t
-sallocx(void *ptr, int flags) {
-	UNUSED(flags);
-
-	return (malloc_usable_size(ptr));
-}
-
-#endif /* HAVE_MALLOC_SIZE */
-
-#else /* defined(HAVE_MALLOC_SIZE) || defined (HAVE_MALLOC_USABLE_SIZE) */
-
 #include <stdlib.h>
 
 typedef union {
@@ -111,21 +50,16 @@ mallocx(size_t size, int flags) {
 }
 
 static inline void
-sdallocx(void *ptr, size_t size, int flags) {
+sdallocx(void *ptr, size_t size ISC_ATTR_UNUSED, int flags ISC_ATTR_UNUSED) {
 	size_info *si = &(((size_info *)ptr)[-1]);
 
-	UNUSED(size);
-	UNUSED(flags);
-
 	free(si);
 }
 
 static inline size_t
-sallocx(void *ptr, int flags) {
+sallocx(void *ptr, int flags ISC_ATTR_UNUSED) {
 	size_info *si = &(((size_info *)ptr)[-1]);
 
-	UNUSED(flags);
-
 	return (si[0].size);
 }
 
@@ -144,6 +78,4 @@ rallocx(void *ptr, size_t size, int flags) {
 	return (ptr);
 }
 
-#endif /* defined(HAVE_MALLOC_SIZE) || defined (HAVE_MALLOC_USABLE_SIZE) */
-
 #endif /* !defined(HAVE_JEMALLOC) */