Protect malloc, realloc and free calls with INT{ON,OFF} directly in chkalloc,

ckrealloc and ckfree (added), respectively.  sh jumps out of the signal handler
using longjmp which is obviously a bad idea during malloc calls.

Note: I think there is still a small race here because volatile sig_atomic_t
only guarantees atomic reads and writes while we're doing increments and
decrements.

Protect a setmode call with INT{ON,OFF} as it calls malloc internally.

PR:		45478
Patch from:	Nate Eldredge

bin/sh/memalloc.c

@@ -57,7 +57,10 @@ ckmalloc(int nbytes)
 {
 	pointer p;
 
-	if ((p = malloc(nbytes)) == NULL)
+	INTOFF;
+	p = malloc(nbytes);
+	INTON;
+	if (p == NULL)
 		error("Out of space");
 	return p;
 }
@@ -70,11 +73,22 @@ ckmalloc(int nbytes)
 pointer
 ckrealloc(pointer p, int nbytes)
 {
-	if ((p = realloc(p, nbytes)) == NULL)
+	INTOFF;
+	p = realloc(p, nbytes);
+	INTON;
+	if (p == NULL)
 		error("Out of space");
 	return p;
 }
 
+void
+ckfree(pointer p)
+{
+	INTOFF;
+	free(p);
+	INTON;
+}
+
 
 /*
  * Make a copy of a string in safe storage.

bin/sh/memalloc.h

@@ -48,6 +48,7 @@ extern int herefd;
 
 pointer ckmalloc(int);
 pointer ckrealloc(pointer, int);
+void ckfree(pointer);
 char *savestr(char *);
 pointer stalloc(int);
 void stunalloc(pointer);
@@ -72,5 +73,3 @@ void ungrabstackstr(char *, char *);
 #define STTOPC(p)	p[-1]
 #define STADJUST(amount, p)	(p += (amount), sstrnleft -= (amount))
 #define grabstackstr(p)	stalloc(stackblocksize() - sstrnleft)
-
-#define ckfree(p)	free((pointer)(p))

bin/sh/miscbltin.c

@@ -274,12 +274,14 @@ umaskcmd(int argc __unused, char **argv)
 			umask(mask);
 		} else {
 			void *set;
+			INTOFF;
 			if ((set = setmode (ap)) == 0)
 				error("Illegal number: %s", ap);
 
 			mask = getmode (set, ~mask & 0777);
 			umask(~mask & 0777);
 			free(set);
+			INTON;
 		}
 	}
 	return 0;