1.47b: performance and compilation changes

- Minor tweaks around compiler warnings, etc.
- Versioned directories now in use.
- malloc_usable_size ditched in favor of djm's trick.
- Minor performance tweaks as suggested by Jeff Johnson.

ChangeLog

@@ -1,3 +1,14 @@
+Version 1.47b:
+--------------
+
+  - Minor tweaks around compiler warnings, etc.
+
+  - Versioned directories now in use.
+
+  - malloc_usable_size ditched in favor of djm's trick.
+
+  - Minor performance tweaks as suggested by Jeff Johnson.
+
 Version 1.46b:
 --------------
 

Makefile

@@ -20,13 +20,15 @@
 #
 
 PROGNAME   = skipfish
+VERSION    = 1.47b
 
 OBJFILES   = http_client.c database.c crawler.c analysis.c report.c
 INCFILES   = alloc-inl.h string-inl.h debug.h types.h http_client.h \
              database.h crawler.h analysis.h config.h report.h
 
 CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/local/include/ \
-             -I/opt/local/include/ $(CFLAGS) -D_FORTIFY_SOURCE=0
+             -I/opt/local/include/ $(CFLAGS) -D_FORTIFY_SOURCE=0 \
+             -DVERSION=\"$(VERSION)\"
 CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 $(CFLAGS_GEN) 
 CFLAGS_OPT = -O3 -Wno-format $(CFLAGS_GEN)
 
@@ -59,5 +61,6 @@ same_test: same_test.c $(OBJFILES) $(INCFILES)
 	      $(LIBS)
 
 publish: clean
-	cd ..; tar cfvz ~/www/skipfish.tgz skipfish
+	cd ..; rm -rf skipfish-$(VERSION); cp -pr skipfish skipfish-$(VERSION); \
+	  tar cfvz ~/www/skipfish.tgz skipfish-$(VERSION)
 	chmod 644 ~/www/skipfish.tgz

alloc-inl.h

@@ -27,17 +27,6 @@
 #define _HAVE_ALLOC_INL_H
 
 #include <stdlib.h>
-
-#ifndef __FreeBSD__
-#ifdef __APPLE__
-#include <malloc/malloc.h>
-#else
-#include <malloc.h>
-#endif /* __APPLE__ */
-#else
-#include <malloc_np.h>
-#endif /* ^__FreeBSD__ */
-
 #include <string.h>
 
 #include "config.h"
@@ -54,47 +43,55 @@
       FATAL("out of memory: can't allocate %u bytes", (_s)); \
   } while (0)
 
-#ifdef __APPLE__
-#define malloc_usable_size malloc_size
-#endif /* __APPLE__ */
+
+#define ALLOC_MAGIC   0xFF00
+#define ALLOC_C(_ptr) (((u16*)(_ptr))[-3])
+#define ALLOC_S(_ptr) (((u32*)(_ptr))[-1])
 
 static inline void* __DFL_ck_alloc(u32 size) {
   void* ret;
-  u32   usable;
 
   if (!size) return NULL;
 
   ALLOC_CHECK_SIZE(size);
-  ret = malloc(size);
+  ret = malloc(size + 6);
   ALLOC_CHECK_RESULT(ret, size);
 
-  usable = malloc_usable_size(ret);
-  memset(ret, 0, usable);
+  ret += 6;
 
-  return ret;
+  ALLOC_C(ret) = ALLOC_MAGIC;
+  ALLOC_S(ret) = size;
+
+  return memset(ret, 0, size);
 }
 
 
 static inline void* __DFL_ck_realloc(void* orig, u32 size) {
   void* ret;
-  u32   old_usable = 0,
-        new_usable;
+  u32   old_size = 0;
 
   if (!size) {
-    free(orig);
+    if (orig) free(orig - 6);
     return NULL;
   }
 
-  if (orig) old_usable = malloc_usable_size(orig);
+  if (orig) {
+    if (ALLOC_C(orig) != ALLOC_MAGIC) FATAL("Bad alloc canary");
+    old_size = ALLOC_S(orig);
+    orig -= 6;
+  }
 
   ALLOC_CHECK_SIZE(size);
-  ret = realloc(orig, size);
+  ret = realloc(orig, size + 6);
   ALLOC_CHECK_RESULT(ret, size);
 
-  new_usable = malloc_usable_size(ret);
+  ret += 6;
 
-  if (new_usable > old_usable)
-    memset(ret + old_usable, 0, new_usable - old_usable);
+  ALLOC_C(ret) = ALLOC_MAGIC;
+  ALLOC_S(ret) = size;
+
+  if (size > old_size)
+    memset(ret + old_size, 0, size - old_size);
 
   return ret;
 }
@@ -103,45 +100,44 @@ static inline void* __DFL_ck_realloc(void* orig, u32 size) {
 static inline void* __DFL_ck_strdup(u8* str) {
   void* ret;
   u32   size;
-  u32   usable;
 
   if (!str) return NULL;
 
   size = strlen((char*)str) + 1;
 
   ALLOC_CHECK_SIZE(size);
-  ret = malloc(size);
+  ret = malloc(size + 6);
   ALLOC_CHECK_RESULT(ret, size);
 
-  usable = malloc_usable_size(ret);
+  ret += 6;
 
-  memcpy(ret, str, size);
+  ALLOC_C(ret) = ALLOC_MAGIC;
+  ALLOC_S(ret) = size;
 
-  if (usable > size)
-    memset(ret + size, 0, usable - size);
-
-  return ret;
+  return memcpy(ret, str, size);
 }
 
 
 static inline void* __DFL_ck_memdup(u8* mem, u32 size) {
   void* ret;
-  u32   usable;
 
   if (!mem || !size) return NULL;
 
   ALLOC_CHECK_SIZE(size);
-  ret = malloc(size);
+  ret = malloc(size + 6);
   ALLOC_CHECK_RESULT(ret, size);
+  
+  ret += 6;
 
-  usable = malloc_usable_size(ret);
+  ALLOC_C(ret) = ALLOC_MAGIC;
+  ALLOC_S(ret) = size;
 
-  memcpy(ret, mem, size);
+  return memcpy(ret, mem, size);
+}
 
-  if (usable > size)
-    memset(ret + size, 0, usable - size);
 
-  return ret;
+static inline void __DFL_ck_free(void* mem) {
+  if (mem) free(mem - 6);
 }
 
 
@@ -153,7 +149,7 @@ static inline void* __DFL_ck_memdup(u8* mem, u32 size) {
 #define ck_realloc      __DFL_ck_realloc
 #define ck_strdup       __DFL_ck_strdup
 #define ck_memdup       __DFL_ck_memdup
-#define ck_free         free
+#define ck_free         __DFL_ck_free
 
 #else
 
@@ -281,7 +277,7 @@ static inline void* __AD_ck_memdup(u8* mem, u32 size, const char* file,
 static inline void __AD_ck_free(void* ptr, const char* file,
                                 const char* func, u32 line) {
   __AD_free_buf(ptr, file, func, line);
-  free(ptr);
+  __DFL_ck_free(ptr);
 }
 
 

config.h

@@ -23,8 +23,6 @@
 #ifndef _HAVE_CONFIG_H
 #define _HAVE_CONFIG_H
 
-#define VERSION "1.46b"
-
 #define USE_COLOR               1       /* Use terminal colors             */
 
 /* Default paths to runtime files: */

database.c

@@ -1321,7 +1321,7 @@ static void dealloc_pivots(struct pivot_desc* cur) {
 u8* new_xss_tag(u8* prefix) {
   static u8* ret;
 
-  if (ret) free(ret);
+  if (ret) __DFL_ck_free(ret);
   ret = __DFL_ck_alloc((prefix ? strlen((char*)prefix) : 0) + 32);
 
   if (!scan_id) scan_id = R(999999) + 1;

http_client.c

@@ -1144,7 +1144,9 @@ void fprint_response(struct http_response* res) {
 
   for (i=0;i<res->pay_len;i++)
 
-    if (res->payload[i] <= 0x20 || strchr("<>'\"", res->payload[i])) {
+    if (res->payload[i] <= 0x20 || 
+        res->payload[i] == '<'  || res->payload[i] == '>' ||
+        res->payload[i] == '\'' || res->payload[i] == '"') {
       if (!in_space) {
         in_space = 1;
         if (c_len <= FP_MAX_LEN)
@@ -1927,20 +1929,22 @@ u32 next_from_queue(void) {
 
   if (conn_cur) {
     static struct pollfd* p;
+
     struct conn_entry* c = conn;
     u32 i = 0;
 
     /* First, go through all connections, handle connects, SSL handshakes, data
        reads and writes, and exceptions. */
 
-    if (p) free(p);
-    p = __DFL_ck_alloc(sizeof(struct pollfd) * conn_cur);
+    if (!p)
+      p = __DFL_ck_alloc(sizeof(struct pollfd) * max_connections);
 
     while (c) {
       p[i].fd = c->fd;
       p[i].events = POLLIN | POLLERR | POLLHUP;
       if (c->write_len - c->write_off || c->SSL_rd_w_wr)
         p[i].events |= POLLOUT;
+      p[i].revents = 0;
       c = c->next;
       i++;
     }
@@ -2445,7 +2449,7 @@ void http_stats(u64 st_time) {
   struct timeval tv;
 
   gettimeofday(&tv, NULL);
-  en_time = tv.tv_sec * 1000L + tv.tv_usec / 1000L;
+  en_time = tv.tv_sec * 1000LL + tv.tv_usec / 1000;
 
   SAY(cLBL "Scan statistics:\n\n"
       cGRA "      Scan time : " cNOR "%u:%02u:%02u.%04u\n"
@@ -2467,10 +2471,12 @@ void http_stats(u64 st_time) {
 
       req_count - queue_cur,
       (float) (req_count - queue_cur / 1.15) * 1000 / (en_time - st_time + 1),
-      bytes_recv / 1024, bytes_sent / 1024,
+      (unsigned long long int) bytes_recv / 1024,
+      (unsigned long long int) bytes_sent / 1024,
       (float) (bytes_recv + bytes_sent) / 1.024 / (en_time - st_time + 1),
 
-      bytes_deflated / 1024, bytes_inflated / 1024,
+      (unsigned long long int) bytes_deflated / 1024,
+      (unsigned long long int) bytes_inflated / 1024,
       ((float) bytes_inflated - bytes_deflated) / (bytes_inflated +
       bytes_deflated + 1) * 100,
 

http_client.h

@@ -239,12 +239,12 @@ struct dns_entry {
 
 #define FREE(_ar) do { \
     while ((_ar)->c--) { \
-      free((_ar)->n[(_ar)->c]); \
-      free((_ar)->v[(_ar)->c]); \
+      ck_free((_ar)->n[(_ar)->c]); \
+      ck_free((_ar)->v[(_ar)->c]); \
     } \
-    free((_ar)->t); \
-    free((_ar)->n); \
-    free((_ar)->v); \
+    ck_free((_ar)->t); \
+    ck_free((_ar)->n); \
+    ck_free((_ar)->v); \
   } while (0)
 
 

report.c

@@ -312,7 +312,7 @@ static inline u8* js_escape(u8* str) {
 
   len = strlen((char*)str);
 
-  if (ret) free(ret);
+  if (ret) __DFL_ck_free(ret);
   opos = ret = __DFL_ck_alloc(len * 4 + 1);
 
   while (len--) {

skipfish.c

@@ -447,7 +447,7 @@ int main(int argc, char** argv) {
   fcntl(0, F_SETFL, O_NONBLOCK);
 
   gettimeofday(&tv, NULL);
-  st_time = tv.tv_sec * 1000L + tv.tv_usec / 1000L;
+  st_time = tv.tv_sec * 1000LL + tv.tv_usec / 1000;
 
   if (!be_quiet) SAY("\x1b[H\x1b[J");
     else SAY(cLGN "[*] " cBRI "Scan in progress, please stay tuned...\n");
@@ -521,6 +521,9 @@ int main(int argc, char** argv) {
 
   fflush(0);
 
+  EVP_cleanup();
+  CRYPTO_cleanup_all_ex_data();
+
   return 0;
 
 }

string-inl.h

@@ -109,7 +109,7 @@ static inline void* inl_memmem(const void* haystack, u32 h_len,
 
 #define ADD_STR_DATA(_buf_ptr, _buf_len, _str) do { \
     u32 _sl = strlen((char*)_str); \
-    if ((_buf_len) + (_sl) + 1 > malloc_usable_size(_buf_ptr)) { \
+    if ((_buf_len) + (_sl) + 1 > ALLOC_S(_buf_ptr)) { \
       u32 _nsiz = ((_buf_len) + _sl + 1024) >> 10 << 10; \
       (_buf_ptr)  = ck_realloc(_buf_ptr, _nsiz); \
     } \