diff options
author | Steffan Karger <steffan@karger.me> | 2015-09-21 20:48:33 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-10-04 21:58:06 +0200 |
commit | 6d4920e9d36675ff515da17c1eb301d22d07b489 (patch) | |
tree | 419f752e1c0176146a5c230426f6ada452b10f57 | |
parent | 60287662bbdb1a29d9bd6244917a050410fa6b49 (diff) | |
download | openvpn-6d4920e9d36675ff515da17c1eb301d22d07b489.tar.gz openvpn-6d4920e9d36675ff515da17c1eb301d22d07b489.tar.xz openvpn-6d4920e9d36675ff515da17c1eb301d22d07b489.zip |
Replace strdup() calls for string_alloc() calls
As reported by Bill Parker in trac #600, strdup() return values are not
always correctly checked for failed allocations. This patch adds missing
checks by using string_alloc(), which performs the required checks.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <561130FC.8090008@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10176
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ddc7692d245017c71adc40ad5cc195617e39fce0)
-rw-r--r-- | src/openvpn/buffer.h | 2 | ||||
-rw-r--r-- | src/openvpn/cryptoapi.c | 4 | ||||
-rw-r--r-- | src/openvpn/init.c | 2 | ||||
-rw-r--r-- | src/openvpn/misc.c | 2 | ||||
-rw-r--r-- | src/openvpn/options.c | 2 | ||||
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 2 |
6 files changed, 8 insertions, 6 deletions
diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index d306a04..58f0601 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -873,7 +873,7 @@ gc_reset (struct gc_arena *a) } static inline void -check_malloc_return (void *p) +check_malloc_return (const void *p) { if (!p) out_of_memory (); diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index b7fc11e..1d54ee7 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -46,6 +46,8 @@ #include <ctype.h> #include <assert.h> +#include "buffer.h" + /* MinGW w32api 3.17 is still incomplete when it comes to CryptoAPI while * MinGW32-w64 defines all macros used. This is a hack around that problem. */ @@ -116,7 +118,7 @@ static char *ms_error_text(DWORD ms_err) (LPTSTR) &lpMsgBuf, 0, NULL); if (lpMsgBuf) { char *p; - rv = strdup(lpMsgBuf); + rv = string_alloc(lpMsgBuf, NULL); LocalFree(lpMsgBuf); /* trim to the left */ if (rv) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 71c91a2..2181735 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -840,7 +840,7 @@ void init_options_dev (struct options *options) { if (!options->dev && options->dev_node) { - char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */ + char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementaions may modify its arguments */ options->dev = basename (dev_node); } } diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index f20d059..bca5e42 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1647,7 +1647,7 @@ argv_extract_cmd_name (const char *path) { if (path) { - char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */ + char *path_cp = string_alloc(path, NULL); /* POSIX basename() implementaions may modify its arguments */ const char *bn = basename (path_cp); if (bn) { diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 7ff5f77..019ae6c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2617,7 +2617,7 @@ check_file_access(const int type, const char *file, const int mode, const char * /* Is the directory path leading to the given file accessible? */ if (type & CHKACC_DIRPATH) { - char *fullpath = strdup(file); /* POSIX dirname() implementaion may modify its arguments */ + char *fullpath = string_alloc (file, NULL); /* POSIX dirname() implementaion may modify its arguments */ char *dirpath = dirname(fullpath); if (platform_access (dirpath, mode|X_OK) != 0) diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index 30c7395..562ace0 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -191,7 +191,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) /* Parse allowed ciphers, getting IDs */ i = 0; - tmp_ciphers_orig = tmp_ciphers = strdup(ciphers); + tmp_ciphers_orig = tmp_ciphers = string_alloc (ciphers, NULL); token = strtok (tmp_ciphers, ":"); while(token) |