diff options
author | Steffan Karger <steffan@karger.me> | 2015-09-21 20:48:33 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2015-10-04 21:55:29 +0200 |
commit | ddc7692d245017c71adc40ad5cc195617e39fce0 (patch) | |
tree | 2f5549f793513c854f289437d5446314719bf21f /src | |
parent | c40f088e52132273f6d4e83d05fa64bbaedd860f (diff) | |
download | openvpn-ddc7692d245017c71adc40ad5cc195617e39fce0.tar.gz openvpn-ddc7692d245017c71adc40ad5cc195617e39fce0.tar.xz openvpn-ddc7692d245017c71adc40ad5cc195617e39fce0.zip |
Replace strdup() calls for string_alloc() calls
As reported by Bill Parker in trac #600, strdup() return values are not
always correctly checked for failed allocations. This patch adds missing
checks by using string_alloc(), which performs the required checks.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <561130FC.8090008@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10176
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src')
-rw-r--r-- | src/openvpn/buffer.h | 2 | ||||
-rw-r--r-- | src/openvpn/cryptoapi.c | 4 | ||||
-rw-r--r-- | src/openvpn/init.c | 2 | ||||
-rw-r--r-- | src/openvpn/misc.c | 2 | ||||
-rw-r--r-- | src/openvpn/options.c | 2 | ||||
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 2 |
6 files changed, 8 insertions, 6 deletions
diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 0dc511b..24f52aa 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -898,7 +898,7 @@ gc_reset (struct gc_arena *a) } static inline void -check_malloc_return (void *p) +check_malloc_return (const void *p) { if (!p) out_of_memory (); diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index b7fc11e..1d54ee7 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -46,6 +46,8 @@ #include <ctype.h> #include <assert.h> +#include "buffer.h" + /* MinGW w32api 3.17 is still incomplete when it comes to CryptoAPI while * MinGW32-w64 defines all macros used. This is a hack around that problem. */ @@ -116,7 +118,7 @@ static char *ms_error_text(DWORD ms_err) (LPTSTR) &lpMsgBuf, 0, NULL); if (lpMsgBuf) { char *p; - rv = strdup(lpMsgBuf); + rv = string_alloc(lpMsgBuf, NULL); LocalFree(lpMsgBuf); /* trim to the left */ if (rv) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f568d87..3decd23 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -822,7 +822,7 @@ void init_options_dev (struct options *options) { if (!options->dev && options->dev_node) { - char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */ + char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementaions may modify its arguments */ options->dev = basename (dev_node); } } diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 895e9fa..fd1930a 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1615,7 +1615,7 @@ argv_extract_cmd_name (const char *path) { if (path) { - char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */ + char *path_cp = string_alloc(path, NULL); /* POSIX basename() implementaions may modify its arguments */ const char *bn = basename (path_cp); if (bn) { diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 5ace1f3..de4fa38 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2578,7 +2578,7 @@ check_file_access(const int type, const char *file, const int mode, const char * /* Is the directory path leading to the given file accessible? */ if (type & CHKACC_DIRPATH) { - char *fullpath = strdup(file); /* POSIX dirname() implementaion may modify its arguments */ + char *fullpath = string_alloc (file, NULL); /* POSIX dirname() implementaion may modify its arguments */ char *dirpath = dirname(fullpath); if (platform_access (dirpath, mode|X_OK) != 0) diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index dd0fab0..11c9ffb 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -197,7 +197,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) /* Parse allowed ciphers, getting IDs */ i = 0; - tmp_ciphers_orig = tmp_ciphers = strdup(ciphers); + tmp_ciphers_orig = tmp_ciphers = string_alloc (ciphers, NULL); token = strtok (tmp_ciphers, ":"); while(token) |