diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-02-09 00:43:35 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-02-09 00:43:35 -0500 |
| commit | 7905cd6a2eddbf264242bb2a85f811878b2da7ab (patch) | |
| tree | 72b4028cbe0e399e1d293e2b718530913f0a2673 /src | |
| parent | 92e2bac0f38f7f60a8fc74b5964357212c4289e1 (diff) | |
| download | krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.tar.gz krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.tar.xz krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.zip | |
Add and use k5memdup, k5memdup0 helpers
Add k5-int.h static functions to duplicate byte ranges, optionally
with a trailing zero byte, and set an error code like k5alloc does.
Use them where they would shorten existing code.
Diffstat (limited to 'src')
38 files changed, 125 insertions, 211 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 9da1b63b66..9136bfc0e2 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -2571,6 +2571,28 @@ k5alloc(size_t len, krb5_error_code *code) return ptr; } +/* Return a copy of the len bytes of memory at in; set *code to 0 or ENOMEM. */ +static inline void * +k5memdup(const void *in, size_t len, krb5_error_code *code) +{ + void *ptr = k5alloc(len, code); + + if (ptr != NULL) + memcpy(ptr, in, len); + return ptr; +} + +/* Like k5memdup, but add a final null byte. */ +static inline void * +k5memdup0(const void *in, size_t len, krb5_error_code *code) +{ + void *ptr = k5alloc(len + 1, code); + + if (ptr != NULL) + memcpy(ptr, in, len); + return ptr; +} + krb5_error_code KRB5_CALLCONV krb5_get_credentials_for_user(krb5_context context, krb5_flags options, krb5_ccache ccache, diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index 5b5bd9b90c..15b0ab5a38 100644 --- a/src/kadmin/server/schpw.c +++ b/src/kadmin/server/schpw.c @@ -216,10 +216,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm, /* change the password */ - ptr = (char *) malloc(clear.length+1); - memcpy(ptr, clear.data, clear.length); - ptr[clear.length] = '\0'; - + ptr = k5memdup0(clear.data, clear.length, &ret); ret = schpw_util_wrapper(server_handle, client, target, (ticket->enc_part2->flags & TKT_FLG_INITIAL) != 0, ptr, NULL, strresult, sizeof(strresult)); diff --git a/src/kdc/fast_util.c b/src/kdc/fast_util.c index 1dd5f3ebf3..40c5783035 100644 --- a/src/kdc/fast_util.c +++ b/src/kdc/fast_util.c @@ -256,15 +256,12 @@ kdc_find_fast(krb5_kdc_req **requestptr, } else { new_padata->pa_type = KRB5_PADATA_FX_COOKIE; new_padata->length = cookie_padata->length; - new_padata->contents = malloc(new_padata->length); - if (new_padata->contents == NULL) { - retval = ENOMEM; + new_padata->contents = + k5memdup(cookie_padata->contents, new_padata->length, &retval); + if (new_padata->contents == NULL) free(new_padata); - } else { - memcpy(new_padata->contents, cookie_padata->contents, - new_padata->length); + else state->cookie = new_padata; - } } } if (retval == 0 && inner_body_out != NULL) { diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 848d0bdccc..c2bcab9f3b 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -1586,12 +1586,10 @@ return_pw_salt(krb5_context context, krb5_pa_data *in_padata, padata->magic = KV5M_PA_DATA; if (salttype == KRB5_KDB_SALTTYPE_AFS3) { - padata->contents = k5alloc(salt->length + 1, &retval); + padata->contents = k5memdup0(salt->data, salt->length, &retval); if (padata->contents == NULL) goto cleanup; - memcpy(padata->contents, salt->data, salt->length); padata->pa_type = KRB5_PADATA_AFS3_SALT; - padata->contents[salt->length] = '\0'; padata->length = salt->length + 1; } else { padata->pa_type = KRB5_PADATA_PW_SALT; diff --git a/src/lib/crypto/krb/checksum_confounder.c b/src/lib/crypto/krb/checksum_confounder.c index 116b3c7ff0..afc473bfe3 100644 --- a/src/lib/crypto/krb/checksum_confounder.c +++ b/src/lib/crypto/krb/checksum_confounder.c @@ -41,10 +41,10 @@ mk_xorkey(krb5_key origkey, krb5_key *xorkey) krb5_keyblock xorkeyblock; size_t i = 0; - xorbytes = malloc(origkey->keyblock.length); + xorbytes = k5memdup(origkey->keyblock.contents, origkey->keyblock.length, + &retval); if (xorbytes == NULL) - return ENOMEM; - memcpy(xorbytes, origkey->keyblock.contents, origkey->keyblock.length); + return retval; for (i = 0; i < origkey->keyblock.length; i++) xorbytes[i] ^= 0xf0; @@ -118,7 +118,7 @@ krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, krb5_crypto_iov *hash_iov = NULL, iov; size_t blocksize = ctp->enc->block_size, hashsize = ctp->hash->hashsize; - plaintext = k5alloc(input->length, &ret); + plaintext = k5memdup(input->data, input->length, &ret); if (plaintext == NULL) return ret; @@ -129,7 +129,6 @@ krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, /* Decrypt the input checksum. */ iov.flags = KRB5_CRYPTO_TYPE_DATA; iov.data = make_data(plaintext, input->length); - memcpy(plaintext, input->data, input->length); ret = ctp->enc->decrypt(xorkey, NULL, &iov, 1); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/krb/derive.c b/src/lib/crypto/krb/derive.c index 1509f42250..f15fec1a29 100644 --- a/src/lib/crypto/krb/derive.c +++ b/src/lib/crypto/krb/derive.c @@ -52,7 +52,7 @@ add_cached_dkey(krb5_key key, const krb5_data *constant, dkent = malloc(sizeof(*dkent)); if (dkent == NULL) goto cleanup; - data = malloc(constant->length); + data = k5memdup(constant->data, constant->length, &ret); if (data == NULL) goto cleanup; ret = krb5_k_create_key(NULL, dkeyblock, &dkey); @@ -60,7 +60,6 @@ add_cached_dkey(krb5_key key, const krb5_data *constant, goto cleanup; /* Add the new entry to the list. */ - memcpy(data, constant->data, constant->length); dkent->dkey = dkey; dkent->constant.data = data; dkent->constant.length = constant->length; diff --git a/src/lib/crypto/krb/enc_old.c b/src/lib/crypto/krb/enc_old.c index e7160b1692..b44a3994f0 100644 --- a/src/lib/crypto/krb/enc_old.c +++ b/src/lib/crypto/krb/enc_old.c @@ -166,10 +166,9 @@ krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, /* Save the checksum, then zero it out in the plaintext. */ checksum = make_data(header->data.data + enc->block_size, hash->hashsize); - saved_checksum = k5alloc(hash->hashsize, &ret); + saved_checksum = k5memdup(checksum.data, checksum.length, &ret); if (saved_checksum == NULL) goto cleanup; - memcpy(saved_checksum, checksum.data, checksum.length); memset(checksum.data, 0, checksum.length); /* diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index 31f705d824..04d70a64b6 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -800,16 +800,13 @@ krb5_gss_authorize_localname(OM_uint32 *minor, return GSS_S_FAILURE; } - user = k5alloc(local_user->length + 1, &code); + user = k5memdup0(local_user->value, local_user->length, &code); if (user == NULL) { *minor = code; krb5_free_context(context); return GSS_S_FAILURE; } - memcpy(user, local_user->value, local_user->length); - user[local_user->length] = '\0'; - user_ok = krb5_kuserok(context, kname->princ, user); free(user); diff --git a/src/lib/gssapi/krb5/import_cred.c b/src/lib/gssapi/krb5/import_cred.c index 4de6fa65e5..ad9a1110e9 100644 --- a/src/lib/gssapi/krb5/import_cred.c +++ b/src/lib/gssapi/krb5/import_cred.c @@ -614,14 +614,12 @@ krb5_gss_import_cred(OM_uint32 *minor_status, gss_buffer_t token, } /* Decode token. */ - copy = malloc(token->length + 1); + copy = k5memdup0(token->value, token->length, &ret); if (copy == NULL) { status = GSS_S_FAILURE; - *minor_status = ENOMEM; + *minor_status = ret; goto cleanup; } - memcpy(copy, token->value, token->length); - copy[token->length] = '\0'; v = k5_json_decode(copy); if (v == NULL) goto invalid; diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index 394aca4fe5..3f5492b99f 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -196,14 +196,12 @@ krb5_gss_import_name(minor_status, input_name_buffer, stringrep = NULL; - tmp = k5alloc(input_name_buffer->length + 1, &code); + tmp = k5memdup0(input_name_buffer->value, input_name_buffer->length, + &code); if (tmp == NULL) goto cleanup; tmp2 = NULL; - memcpy(tmp, input_name_buffer->value, input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - /* Find the appropriate string rep to pass into parse_name. */ if ((input_name_type == GSS_C_NULL_OID) || g_OID_equal(input_name_type, gss_nt_krb5_name) || diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 535311eb97..f44f0d2cf9 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -162,11 +162,9 @@ kg_acceptor_princ(krb5_context context, krb5_gss_name_t name, /* If a host was given, we have to use the canonicalized form of it (as * given by krb5_sname_to_principal) for backward compatibility. */ const krb5_data *d = &name->princ->data[1]; - tmp = k5alloc(d->length + 1, &code); + tmp = k5memdup0(d->data, d->length, &code); if (tmp == NULL) return ENOMEM; - memcpy(tmp, d->data, d->length); - tmp[d->length] = '\0'; host = tmp; } else /* No host was given; use an empty string. */ host = ""; diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 2000fe441c..6d90628dcf 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -245,12 +245,10 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy, ks_tuple = handle->params.keysalts; } /* Dup the requested or defaulted keysalt tuples. */ - new_ks_tuple = malloc(n_ks_tuple * sizeof(*new_ks_tuple)); - if (new_ks_tuple == NULL) { - ret = ENOMEM; + new_ks_tuple = k5memdup(ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple), + &ret); + if (new_ks_tuple == NULL) goto cleanup; - } - memcpy(new_ks_tuple, ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple)); new_n_ks_tuple = n_ks_tuple; ret = 0; goto cleanup; diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index 2a040fc57c..e1ee5f9ff9 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -1167,16 +1167,13 @@ krb5_db_fetch_mkey(krb5_context context, krb5_principal mname, if (retval) goto clean_n_exit; - key->contents = malloc(tmp_key.length); - if (key->contents == NULL) { - retval = ENOMEM; + key->contents = k5memdup(tmp_key.contents, tmp_key.length, &retval); + if (key->contents == NULL) goto clean_n_exit; - } key->magic = tmp_key.magic; key->enctype = tmp_key.enctype; key->length = tmp_key.length; - memcpy(key->contents, tmp_key.contents, tmp_key.length); } clean_n_exit: diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index ee01d9d21c..9a7f757f96 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -361,12 +361,12 @@ krb5_db_def_fetch_mkey_keytab(krb5_context context, * kt_ent will be free'd so need to allocate and copy key contents for * output to caller. */ - if (!(key->contents = (krb5_octet *)malloc(key->length))) { - retval = ENOMEM; + key->contents = k5memdup(kt_ent.key.contents, kt_ent.key.length, + &retval); + if (key->contents == NULL) { krb5_kt_free_entry(context, &kt_ent); goto errout; } - memcpy(key->contents, kt_ent.key.contents, kt_ent.key.length); krb5_kt_free_entry(context, &kt_ent); } diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c index b9906f0f72..d8d338c7fb 100644 --- a/src/lib/kdb/kdb_log.c +++ b/src/lib/kdb/kdb_log.c @@ -321,13 +321,10 @@ ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args) continue; if (upd->kdb_deleted) { - dbprincstr = k5alloc(upd->kdb_princ_name.utf8str_t_len + 1, - &retval); + dbprincstr = k5memdup0(upd->kdb_princ_name.utf8str_t_val, + upd->kdb_princ_name.utf8str_t_len, &retval); if (dbprincstr == NULL) goto cleanup; - memcpy(dbprincstr, (char *)upd->kdb_princ_name.utf8str_t_val, - upd->kdb_princ_name.utf8str_t_len); - dbprincstr[upd->kdb_princ_name.utf8str_t_len] = '\0'; retval = krb5_parse_name(context, dbprincstr, &dbprinc); free(dbprincstr); diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index a1fd3aa837..370c9439be 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -221,13 +221,9 @@ krb5_cc_resolve (krb5_context context, const char *name, krb5_ccache *cache) resid = name; } else { resid = name + pfxlen + 1; - - pfx = malloc (pfxlen+1); - if (!pfx) - return ENOMEM; - - memcpy (pfx, name, pfxlen); - pfx[pfxlen] = '\0'; + pfx = k5memdup0(name, pfxlen, &err); + if (pfx == NULL) + return err; } *cache = (krb5_ccache) 0; diff --git a/src/lib/krb5/keytab/kt_srvtab.c b/src/lib/krb5/keytab/kt_srvtab.c index 2ca616684e..7bbb6580dd 100644 --- a/src/lib/krb5/keytab/kt_srvtab.c +++ b/src/lib/krb5/keytab/kt_srvtab.c @@ -430,12 +430,11 @@ krb5_ktsrvint_read_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry ret_entry->key.enctype = ENCTYPE_DES_CBC_CRC; ret_entry->key.magic = KV5M_KEYBLOCK; ret_entry->key.length = sizeof(key); - ret_entry->key.contents = malloc(sizeof(key)); - if (!ret_entry->key.contents) { + ret_entry->key.contents = k5memdup(key, sizeof(key), &kerror); + if (ret_entry->key.contents == NULL) { krb5_free_principal(context, ret_entry->principal); - return ENOMEM; + return kerror; } - memcpy(ret_entry->key.contents, key, sizeof(key)); return 0; } diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index 6f29579ce8..0f3562f339 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -188,13 +188,9 @@ krb5_kt_resolve (krb5_context context, const char *name, krb5_keytab *ktid) resid = name; } else { resid = name + pfxlen + 1; - - pfx = malloc (pfxlen+1); - if (!pfx) - return ENOMEM; - - memcpy (pfx, name, pfxlen); - pfx[pfxlen] = '\0'; + pfx = k5memdup0(name, pfxlen, &err); + if (pfx == NULL) + return err; } *ktid = (krb5_keytab) 0; diff --git a/src/lib/krb5/krb/copy_tick.c b/src/lib/krb5/krb/copy_tick.c index c3e33ff824..660d977bb4 100644 --- a/src/lib/krb5/krb/copy_tick.c +++ b/src/lib/krb5/krb/copy_tick.c @@ -53,16 +53,14 @@ copy_enc_tkt_part(krb5_context context, const krb5_enc_tkt_part *partfrom, tempto->transited.tr_contents.data = 0; } else { tempto->transited.tr_contents.data = - malloc(partfrom->transited.tr_contents.length); + k5memdup(partfrom->transited.tr_contents.data, + partfrom->transited.tr_contents.length, &retval); if (!tempto->transited.tr_contents.data) { krb5_free_principal(context, tempto->client); krb5_free_keyblock(context, tempto->session); free(tempto); return ENOMEM; } - memcpy(tempto->transited.tr_contents.data, - (char *)partfrom->transited.tr_contents.data, - partfrom->transited.tr_contents.length); } retval = krb5_copy_addresses(context, partfrom->caddrs, &tempto->caddrs); diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c index 8387cea27e..2e55066c7e 100644 --- a/src/lib/krb5/krb/fwd_tgt.c +++ b/src/lib/krb5/krb/fwd_tgt.c @@ -130,14 +130,11 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, goto errout; } - rhost = malloc(server->data[1].length+1); - if (!rhost) { - retval = ENOMEM; + rhost = k5memdup0(server->data[1].data, server->data[1].length, + &retval); + if (rhost == NULL) goto errout; - } free_rhost = 1; - memcpy(rhost, server->data[1].data, server->data[1].length); - rhost[server->data[1].length] = '\0'; } retval = krb5_os_hostaddr(context, rhost, &addrs); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index df1bacf878..c88b67a6e8 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -891,13 +891,11 @@ krb5_init_creds_init(krb5_context context, /* enctypes */ if (opte->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { ctx->request->ktype = - k5alloc((opte->etype_list_length * sizeof(krb5_enctype)), - &code); + k5memdup(opte->etype_list, + opte->etype_list_length * sizeof(krb5_enctype), &code); if (code != 0) goto cleanup; ctx->request->nktypes = opte->etype_list_length; - memcpy(ctx->request->ktype, opte->etype_list, - ctx->request->nktypes * sizeof(krb5_enctype)); } else if (krb5_get_default_in_tkt_ktypes(context, &ctx->request->ktype) == 0) { ctx->request->nktypes = k5_count_etypes(ctx->request->ktype); diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c index 3262d21d82..cc6f200c69 100644 --- a/src/lib/krb5/krb/pac.c +++ b/src/lib/krb5/krb/pac.c @@ -186,12 +186,10 @@ krb5_pac_get_buffer(krb5_context context, if (ret != 0) return ret; - data->data = malloc(d.length); + data->data = k5memdup(d.data, d.length, &ret); if (data->data == NULL) - return ENOMEM; - + return ret; data->length = d.length; - memcpy(data->data, d.data, d.length); return 0; } @@ -275,14 +273,12 @@ k5_pac_copy(krb5_context context, if (pac == NULL) return ENOMEM; - pac->pac = (PACTYPE *)malloc(header_len); + pac->pac = k5memdup(src->pac, header_len, &code); if (pac->pac == NULL) { free(pac); - return ENOMEM; + return code; } - memcpy(pac->pac, src->pac, header_len); - code = krb5int_copy_data_contents(context, &src->data, &pac->data); if (code != 0) { free(pac->pac); @@ -538,11 +534,9 @@ k5_pac_verify_server_checksum(krb5_context context, return KRB5KRB_AP_ERR_INAPP_CKSUM; pac_data.length = pac->data.length; - pac_data.data = malloc(pac->data.length); + pac_data.data = k5memdup(pac->data.data, pac->data.length, &ret); if (pac_data.data == NULL) - return ENOMEM; - - memcpy(pac_data.data, pac->data.data, pac->data.length); + return ret; /* Zero out both checksum buffers */ ret = k5_pac_zero_signature(context, pac, KRB5_PAC_SERVER_CHECKSUM, diff --git a/src/lib/krb5/krb/pac_sign.c b/src/lib/krb5/krb/pac_sign.c index 49e3862b7b..20535816d7 100644 --- a/src/lib/krb5/krb/pac_sign.c +++ b/src/lib/krb5/krb/pac_sign.c @@ -257,13 +257,11 @@ krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime, if (ret != 0) return ret; - data->data = malloc(pac->data.length); + data->data = k5memdup(pac->data.data, pac->data.length, &ret); if (data->data == NULL) - return ENOMEM; - + return ret; data->length = pac->data.length; - memcpy(data->data, pac->data.data, pac->data.length); memset(pac->data.data, 0, PACTYPE_LENGTH + (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH)); diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index ad1618ab6e..060f98aa00 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -802,10 +802,9 @@ copy_cookie(krb5_context context, krb5_pa_data **in_padata, if (pa == NULL) return ret; *pa = *cookie; - pa->contents = k5alloc(cookie->length, &ret); + pa->contents = k5memdup(cookie->contents, cookie->length, &ret); if (pa->contents == NULL) goto error; - memcpy(pa->contents, cookie->contents, cookie->length); ret = grow_pa_list(out_pa_list, out_pa_list_size, &pa, 1); if (ret) goto error; @@ -841,12 +840,12 @@ add_s4u_x509_user_padata(krb5_context context, krb5_s4u_userid *userid, s4u_padata->magic = KV5M_PA_DATA; s4u_padata->pa_type = KRB5_PADATA_S4U_X509_USER; - s4u_padata->contents = malloc(userid->subject_cert.length); + s4u_padata->contents = k5memdup(userid->subject_cert.data, + userid->subject_cert.length, &code); if (s4u_padata->contents == NULL) { free(s4u_padata); - return ENOMEM; + return code; } - memcpy(s4u_padata->contents, userid->subject_cert.data, userid->subject_cert.length); s4u_padata->length = userid->subject_cert.length; code = grow_pa_list(out_pa_list, out_pa_list_size, &s4u_padata, 1); diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index f4187dc045..9a7c261dd6 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -239,10 +239,10 @@ k5_make_tgs_req(krb5_context context, if (padata[0] == NULL) goto cleanup; padata[0]->pa_type = KRB5_PADATA_AP_REQ; - padata[0]->contents = k5alloc(ap_req_asn1->length, &ret); + padata[0]->contents = k5memdup(ap_req_asn1->data, ap_req_asn1->length, + &ret); if (padata[0] == NULL) goto cleanup; - memcpy(padata[0]->contents, ap_req_asn1->data, ap_req_asn1->length); padata[0]->length = ap_req_asn1->length; /* Append copies of any other supplied padata. */ @@ -252,10 +252,10 @@ k5_make_tgs_req(krb5_context context, goto cleanup; pa->pa_type = in_padata[i]->pa_type; pa->length = in_padata[i]->length; - pa->contents = k5alloc(in_padata[i]->length, &ret); + pa->contents = k5memdup(in_padata[i]->contents, in_padata[i]->length, + &ret); if (pa->contents == NULL) goto cleanup; - memcpy(pa->contents, in_padata[i]->contents, in_padata[i]->length); padata[i + 1] = pa; } req.padata = padata; diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index 10711f1d67..0aed147f34 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -303,19 +303,13 @@ rtree_capath_vals(krb5_context context, *vals = NULL; - clientz = calloc(client->length + 1, 1); - if (clientz == NULL) { - retval = ENOMEM; + clientz = k5memdup0(client->data, client->length, &retval); + if (clientz == NULL) goto error; - } - memcpy(clientz, client->data, client->length); - serverz = calloc(server->length + 1, 1); - if (serverz == NULL) { - retval = ENOMEM; + serverz = k5memdup0(server->data, server->length, &retval); + if (serverz == NULL) goto error; - } - memcpy(serverz, server->data, server->length); key[0] = "capaths"; key[1] = clientz; diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 8108f3478b..0f2600c28b 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -375,7 +375,6 @@ aname_replacer(char *string, char **contextp, char **result) krb5_error_code kret; char *in = NULL, *out = NULL, *rule = NULL, *repl = NULL; char *cp, *ep, *tp; - size_t rule_size, repl_size; int doglobal; *result = NULL; @@ -418,24 +417,13 @@ aname_replacer(char *string, char **contextp, char **result) goto cleanup; } - /* Figure out sizes of strings and allocate them */ - rule_size = (size_t) (ep - &cp[2]); - repl_size = (size_t) (tp - &ep[1]); - rule = malloc(rule_size + 1); - if (!rule) { - kret = ENOMEM; + /* Copy the rule and replacement strings. */ + rule = k5memdup0(&cp[2], ep - &cp[2], &kret); + if (rule == NULL) goto cleanup; - } - repl = malloc(repl_size + 1); - if (!repl) { - kret = ENOMEM; + repl = k5memdup0(&ep[1], tp - &ep[1], &kret); + if (repl == NULL) goto cleanup; - } - - /* Copy the strings */ - memcpy(rule, &cp[2], rule_size); - memcpy(repl, &ep[1], repl_size); - rule[rule_size] = repl[repl_size] = '\0'; /* Check for trailing "g" */ doglobal = (tp[1] == 'g') ? 1 : 0; diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c index 4ad8f32ebb..46f4f0e5f3 100644 --- a/src/lib/krb5/os/changepw.c +++ b/src/lib/krb5/os/changepw.c @@ -156,16 +156,11 @@ kpasswd_sendto_msg_callback(struct conn_state *conn, local_kaddr.magic = addrs[0]->magic; local_kaddr.addrtype = addrs[0]->addrtype; local_kaddr.length = addrs[0]->length; - local_kaddr.contents = malloc(addrs[0]->length); - if (local_kaddr.contents == NULL && addrs[0]->length != 0) { - code = ENOMEM; - krb5_free_addresses(ctx->context, addrs); - goto cleanup; - } - if (addrs[0]->length) - memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); - + local_kaddr.contents = k5memdup(addrs[0]->contents, addrs[0]->length, + &code); krb5_free_addresses(ctx->context, addrs); + if (local_kaddr.contents == NULL) + goto cleanup; } diff --git a/src/lib/krb5/os/get_krbhst.c b/src/lib/krb5/os/get_krbhst.c index 7db973aa21..d607366194 100644 --- a/src/lib/krb5/os/get_krbhst.c +++ b/src/lib/krb5/os/get_krbhst.c @@ -103,13 +103,9 @@ krb5_get_krbhst(krb5_context context, const krb5_data *realm, char ***hostlist) goto cleanup; } for (i = 0; i < count; i++) { - unsigned int len = strlen (values[i]) + 1; - rethosts[i] = malloc(len); - if (!rethosts[i]) { - retval = ENOMEM; + rethosts[i] = k5memdup0(values[i], strlen(values[i]), &retval); + if (rethosts[i] == NULL) goto cleanup; - } - memcpy (rethosts[i], values[i], len); } rethosts[count] = 0; cleanup: diff --git a/src/lib/krb5/os/hostaddr.c b/src/lib/krb5/os/hostaddr.c index 6be2abea80..a38fad5d97 100644 --- a/src/lib/krb5/os/hostaddr.c +++ b/src/lib/krb5/os/hostaddr.c @@ -101,12 +101,9 @@ krb5_os_hostaddr(krb5_context context, const char *name, addrs[i]->magic = KV5M_ADDRESS; addrs[i]->addrtype = atype; addrs[i]->length = addrlen; - addrs[i]->contents = malloc(addrs[i]->length); - if (!addrs[i]->contents) { - retval = ENOMEM; + addrs[i]->contents = k5memdup(ptr, addrlen, &retval); + if (addrs[i]->contents == NULL) goto errout; - } - memcpy (addrs[i]->contents, ptr, addrs[i]->length); i++; } diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index ed8cc641e7..5bf77761a7 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -400,13 +400,11 @@ module_locate_server(krb5_context ctx, const krb5_data *realm, krb5int_free_plugin_dir_data(ptrs); return ENOMEM; } - realmz = malloc(realm->length + 1); + realmz = k5memdup0(realm->data, realm->length, &code); if (realmz == NULL) { krb5int_free_plugin_dir_data(ptrs); - return ENOMEM; + return code; } - memcpy(realmz, realm->data, realm->length); - realmz[realm->length] = '\0'; for (i = 0; ptrs[i]; i++) { void *blob; diff --git a/src/lib/krb5/rcache/rc_dfl.c b/src/lib/krb5/rcache/rc_dfl.c index cc42f461f2..2981985ea5 100644 --- a/src/lib/krb5/rcache/rc_dfl.c +++ b/src/lib/krb5/rcache/rc_dfl.c @@ -419,11 +419,9 @@ check_hash_extension(krb5_donot_replay *rep) end = strchr(str, ' '); if (!end) return 0; - msghash = malloc(end - str + 1); + msghash = k5memdup0(str, end - str, &retval); if (!msghash) return KRB5_RC_MALLOC; - memcpy(msghash, str, end - str); - msghash[end - str] = '\0'; str = end + 1; /* Parse out the client and server. */ diff --git a/src/lib/krb5/unicode/ucstr.c b/src/lib/krb5/unicode/ucstr.c index 625c9de1c4..38d8d47d02 100644 --- a/src/lib/krb5/unicode/ucstr.c +++ b/src/lib/krb5/unicode/ucstr.c @@ -160,13 +160,9 @@ krb5int_utf8_normalize( if (i == len) { newdata->length = len; - newdata->data = malloc(newdata->length + 1); - if (newdata->data == NULL) { - retval = ENOMEM; + newdata->data = k5memdup0(s, len, &retval); + if (newdata->data == NULL) goto cleanup; - } - memcpy(newdata->data, s, len); - newdata->data[len] = '\0'; *newdataptr = newdata; return 0; } diff --git a/src/plugins/kdb/db2/adb_policy.c b/src/plugins/kdb/db2/adb_policy.c index fa6f0a38cb..5e046ab612 100644 --- a/src/plugins/kdb/db2/adb_policy.c +++ b/src/plugins/kdb/db2/adb_policy.c @@ -211,10 +211,9 @@ osa_adb_get_policy(osa_adb_policy_t db, char *name, entry = k5alloc(sizeof(*entry), &ret); if (entry == NULL) goto error; - aligned_data = k5alloc(dbdata.size, &ret); + aligned_data = k5memdup(dbdata.data, dbdata.size, &ret); if (aligned_data == NULL) goto error; - memcpy(aligned_data, dbdata.data, dbdata.size); xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); if (!xdr_osa_policy_ent_rec(&xdrs, entry)) { ret = OSA_ADB_FAILURE; @@ -343,11 +342,9 @@ osa_adb_iter_policy(osa_adb_policy_t db, osa_adb_iter_policy_func func, goto error; } - if(!(aligned_data = (char *) malloc(dbdata.size))) { - ret = ENOMEM; + aligned_data = k5memdup(dbdata.data, dbdata.size, &ret); + if (aligned_data == NULL) goto error; - } - memcpy(aligned_data, dbdata.data, dbdata.size); memset(entry, 0, sizeof(osa_policy_ent_rec)); xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); diff --git a/src/plugins/kdb/db2/kdb_xdr.c b/src/plugins/kdb/db2/kdb_xdr.c index 184615cdae..5264963386 100644 --- a/src/plugins/kdb/db2/kdb_xdr.c +++ b/src/plugins/kdb/db2/kdb_xdr.c @@ -310,10 +310,9 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, /* Check for extra data */ if (entry->len > KRB5_KDB_V1_BASE_LENGTH) { entry->e_length = entry->len - KRB5_KDB_V1_BASE_LENGTH; - entry->e_data = k5alloc(entry->e_length, &retval); + entry->e_data = k5memdup(nextloc, entry->e_length, &retval); if (entry->e_data == NULL) goto error_out; - memcpy(entry->e_data, nextloc, entry->e_length); nextloc += entry->e_length; } @@ -363,12 +362,10 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, retval = KRB5_KDB_TRUNCATED_RECORD; goto error_out; } - if (((*tl_data)->tl_data_contents = (krb5_octet *) - malloc((*tl_data)->tl_data_length)) == NULL) { - retval = ENOMEM; + (*tl_data)->tl_data_contents = + k5memdup(nextloc, (*tl_data)->tl_data_length, &retval); + if ((*tl_data)->tl_data_contents == NULL) goto error_out; - } - memcpy((*tl_data)->tl_data_contents,nextloc,(*tl_data)->tl_data_length); nextloc += (*tl_data)->tl_data_length; tl_data = &((*tl_data)->tl_data_next); } @@ -411,13 +408,11 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, goto error_out; } if (key_data->key_data_length[j]) { - if ((key_data->key_data_contents[j] = (krb5_octet *) - malloc(key_data->key_data_length[j])) == NULL) { - retval = ENOMEM; + key_data->key_data_contents[j] = + k5memdup(nextloc, key_data->key_data_length[j], + &retval); + if (key_data->key_data_contents[j] == NULL) goto error_out; - } - memcpy(key_data->key_data_contents[j], nextloc, - key_data->key_data_length[j]); nextloc += key_data->key_data_length[j]; } } diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c index 5f789da983..c4024b8d07 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c @@ -826,11 +826,9 @@ decode_tl_data(krb5_tl_data *tl_data, int tl_type, void **data) UNSTORE16_INT(curr, sublen); /* forward by 2 bytes */ curr += 2; - DN = malloc (sublen + 1); + DN = k5memdup0(curr, sublen, &st); if (DN == NULL) - return ENOMEM; - memcpy(DN, curr, sublen); - DN[sublen] = 0; + return st; *data = DN; curr += sublen; st = 0; @@ -854,11 +852,9 @@ decode_tl_data(krb5_tl_data *tl_data, int tl_type, void **data) UNSTORE16_INT(curr, sublen); /* forward by 2 bytes */ curr += 2; - DNarr[i] = malloc (sublen + 1); + DNarr[i] = k5memdup0(curr, sublen, &st); if (DNarr[i] == NULL) - return ENOMEM; - memcpy(DNarr[i], curr, sublen); - DNarr[i][sublen] = 0; + return st; ++i; curr += sublen; *data = DNarr; @@ -1292,12 +1288,10 @@ krb5_add_ber_mem_ldap_mod(LDAPMod ***mods, char *attribute, int op, return ENOMEM; (*mods)[i]->mod_bvalues[j]->bv_len = ber_values[j]->bv_len; - (*mods)[i]->mod_bvalues[j]->bv_val = malloc((*mods)[i]->mod_bvalues[j]->bv_len); + (*mods)[i]->mod_bvalues[j]->bv_val = + k5memdup(ber_values[j]->bv_val, ber_values[j]->bv_len, &st); if ((*mods)[i]->mod_bvalues[j]->bv_val == NULL) return ENOMEM; - - memcpy((*mods)[i]->mod_bvalues[j]->bv_val, ber_values[j]->bv_val, - ber_values[j]->bv_len); } (*mods)[i]->mod_bvalues[j] = NULL; return 0; diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 1e671c7ed2..527873c1f2 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -331,12 +331,9 @@ process_db_args(krb5_context context, char **db_args, xargs_t *xargs, dptr)) != 0) goto cleanup; } else { - *dptr = calloc (1, arg_val_len); - if (*dptr == NULL) { - st = ENOMEM; + *dptr = k5memdup(arg_val, arg_val_len, &st); + if (*dptr == NULL) goto cleanup; - } - memcpy(*dptr, arg_val, arg_val_len); } } } diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index 132eef6653..e379382119 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -639,11 +639,11 @@ pkinit_pick_kdf_alg(krb5_context context, krb5_data **kdf_list, tmp_oid = k5alloc(sizeof(krb5_data), &retval); if (retval) goto cleanup; - tmp_oid->data = k5alloc(supp_oid->length, &retval); + tmp_oid->data = k5memdup(supp_oid->data, supp_oid->length, + &retval); if (retval) goto cleanup; tmp_oid->length = supp_oid->length; - memcpy(tmp_oid->data, supp_oid->data, tmp_oid->length); *alg_oid = tmp_oid; /* don't free the OID in clean-up if we are returning it */ tmp_oid = NULL; |