diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-02-09 00:43:35 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-02-09 00:43:35 -0500 |
| commit | 7905cd6a2eddbf264242bb2a85f811878b2da7ab (patch) | |
| tree | 72b4028cbe0e399e1d293e2b718530913f0a2673 /src | |
| parent | 92e2bac0f38f7f60a8fc74b5964357212c4289e1 (diff) | |
| download | krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.tar.gz krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.tar.xz krb5-7905cd6a2eddbf264242bb2a85f811878b2da7ab.zip | |
Add and use k5memdup, k5memdup0 helpers
Add k5-int.h static functions to duplicate byte ranges, optionally
with a trailing zero byte, and set an error code like k5alloc does.
Use them where they would shorten existing code.
Diffstat (limited to 'src')
38 files changed, 125 insertions, 211 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 9da1b63b6..9136bfc0e 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -2571,6 +2571,28 @@ k5alloc(size_t len, krb5_error_code *code) return ptr; } +/* Return a copy of the len bytes of memory at in; set *code to 0 or ENOMEM. */ +static inline void * +k5memdup(const void *in, size_t len, krb5_error_code *code) +{ + void *ptr = k5alloc(len, code); + + if (ptr != NULL) + memcpy(ptr, in, len); + return ptr; +} + +/* Like k5memdup, but add a final null byte. */ +static inline void * +k5memdup0(const void *in, size_t len, krb5_error_code *code) +{ + void *ptr = k5alloc(len + 1, code); + + if (ptr != NULL) + memcpy(ptr, in, len); + return ptr; +} + krb5_error_code KRB5_CALLCONV krb5_get_credentials_for_user(krb5_context context, krb5_flags options, krb5_ccache ccache, diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index 5b5bd9b90..15b0ab5a3 100644 --- a/src/kadmin/server/schpw.c +++ b/src/kadmin/server/schpw.c @@ -216,10 +216,7 @@ process_chpw_request(krb5_context context, void *server_handle, char *realm, /* change the password */ - ptr = (char *) malloc(clear.length+1); - memcpy(ptr, clear.data, clear.length); - ptr[clear.length] = '\0'; - + ptr = k5memdup0(clear.data, clear.length, &ret); ret = schpw_util_wrapper(server_handle, client, target, (ticket->enc_part2->flags & TKT_FLG_INITIAL) != 0, ptr, NULL, strresult, sizeof(strresult)); diff --git a/src/kdc/fast_util.c b/src/kdc/fast_util.c index 1dd5f3ebf..40c578303 100644 --- a/src/kdc/fast_util.c +++ b/src/kdc/fast_util.c @@ -256,15 +256,12 @@ kdc_find_fast(krb5_kdc_req **requestptr, } else { new_padata->pa_type = KRB5_PADATA_FX_COOKIE; new_padata->length = cookie_padata->length; - new_padata->contents = malloc(new_padata->length); - if (new_padata->contents == NULL) { - retval = ENOMEM; + new_padata->contents = + k5memdup(cookie_padata->contents, new_padata->length, &retval); + if (new_padata->contents == NULL) free(new_padata); - } else { - memcpy(new_padata->contents, cookie_padata->contents, - new_padata->length); + else state->cookie = new_padata; - } } } if (retval == 0 && inner_body_out != NULL) { diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 848d0bdcc..c2bcab9f3 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -1586,12 +1586,10 @@ return_pw_salt(krb5_context context, krb5_pa_data *in_padata, padata->magic = KV5M_PA_DATA; if (salttype == KRB5_KDB_SALTTYPE_AFS3) { - padata->contents = k5alloc(salt->length + 1, &retval); + padata->contents = k5memdup0(salt->data, salt->length, &retval); if (padata->contents == NULL) goto cleanup; - memcpy(padata->contents, salt->data, salt->length); padata->pa_type = KRB5_PADATA_AFS3_SALT; - padata->contents[salt->length] = '\0'; padata->length = salt->length + 1; } else { padata->pa_type = KRB5_PADATA_PW_SALT; diff --git a/src/lib/crypto/krb/checksum_confounder.c b/src/lib/crypto/krb/checksum_confounder.c index 116b3c7ff..afc473bfe 100644 --- a/src/lib/crypto/krb/checksum_confounder.c +++ b/src/lib/crypto/krb/checksum_confounder.c @@ -41,10 +41,10 @@ mk_xorkey(krb5_key origkey, krb5_key *xorkey) krb5_keyblock xorkeyblock; size_t i = 0; - xorbytes = malloc(origkey->keyblock.length); + xorbytes = k5memdup(origkey->keyblock.contents, origkey->keyblock.length, + &retval); if (xorbytes == NULL) - return ENOMEM; - memcpy(xorbytes, origkey->keyblock.contents, origkey->keyblock.length); + return retval; for (i = 0; i < origkey->keyblock.length; i++) xorbytes[i] ^= 0xf0; @@ -118,7 +118,7 @@ krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, krb5_crypto_iov *hash_iov = NULL, iov; size_t blocksize = ctp->enc->block_size, hashsize = ctp->hash->hashsize; - plaintext = k5alloc(input->length, &ret); + plaintext = k5memdup(input->data, input->length, &ret); if (plaintext == NULL) return ret; @@ -129,7 +129,6 @@ krb5_error_code krb5int_confounder_verify(const struct krb5_cksumtypes *ctp, /* Decrypt the input checksum. */ iov.flags = KRB5_CRYPTO_TYPE_DATA; iov.data = make_data(plaintext, input->length); - memcpy(plaintext, input->data, input->length); ret = ctp->enc->decrypt(xorkey, NULL, &iov, 1); if (ret != 0) goto cleanup; diff --git a/src/lib/crypto/krb/derive.c b/src/lib/crypto/krb/derive.c index 1509f4225..f15fec1a2 100644 --- a/src/lib/crypto/krb/derive.c +++ b/src/lib/crypto/krb/derive.c @@ -52,7 +52,7 @@ add_cached_dkey(krb5_key key, const krb5_data *constant, dkent = malloc(sizeof(*dkent)); if (dkent == NULL) goto cleanup; - data = malloc(constant->length); + data = k5memdup(constant->data, constant->length, &ret); if (data == NULL) goto cleanup; ret = krb5_k_create_key(NULL, dkeyblock, &dkey); @@ -60,7 +60,6 @@ add_cached_dkey(krb5_key key, const krb5_data *constant, goto cleanup; /* Add the new entry to the list. */ - memcpy(data, constant->data, constant->length); dkent->dkey = dkey; dkent->constant.data = data; dkent->constant.length = constant->length; diff --git a/src/lib/crypto/krb/enc_old.c b/src/lib/crypto/krb/enc_old.c index e7160b169..b44a3994f 100644 --- a/src/lib/crypto/krb/enc_old.c +++ b/src/lib/crypto/krb/enc_old.c @@ -166,10 +166,9 @@ krb5int_old_decrypt(const struct krb5_keytypes *ktp, krb5_key key, /* Save the checksum, then zero it out in the plaintext. */ checksum = make_data(header->data.data + enc->block_size, hash->hashsize); - saved_checksum = k5alloc(hash->hashsize, &ret); + saved_checksum = k5memdup(checksum.data, checksum.length, &ret); if (saved_checksum == NULL) goto cleanup; - memcpy(saved_checksum, checksum.data, checksum.length); memset(checksum.data, 0, checksum.length); /* diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index 31f705d82..04d70a64b 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -800,16 +800,13 @@ krb5_gss_authorize_localname(OM_uint32 *minor, return GSS_S_FAILURE; } - user = k5alloc(local_user->length + 1, &code); + user = k5memdup0(local_user->value, local_user->length, &code); if (user == NULL) { *minor = code; krb5_free_context(context); return GSS_S_FAILURE; } - memcpy(user, local_user->value, local_user->length); - user[local_user->length] = '\0'; - user_ok = krb5_kuserok(context, kname->princ, user); free(user); diff --git a/src/lib/gssapi/krb5/import_cred.c b/src/lib/gssapi/krb5/import_cred.c index 4de6fa65e..ad9a1110e 100644 --- a/src/lib/gssapi/krb5/import_cred.c +++ b/src/lib/gssapi/krb5/import_cred.c @@ -614,14 +614,12 @@ krb5_gss_import_cred(OM_uint32 *minor_status, gss_buffer_t token, } /* Decode token. */ - copy = malloc(token->length + 1); + copy = k5memdup0(token->value, token->length, &ret); if (copy == NULL) { status = GSS_S_FAILURE; - *minor_status = ENOMEM; + *minor_status = ret; goto cleanup; } - memcpy(copy, token->value, token->length); - copy[token->length] = '\0'; v = k5_json_decode(copy); if (v == NULL) goto invalid; diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index 394aca4fe..3f5492b99 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -196,14 +196,12 @@ krb5_gss_import_name(minor_status, input_name_buffer, stringrep = NULL; - tmp = k5alloc(input_name_buffer->length + 1, &code); + tmp = k5memdup0(input_name_buffer->value, input_name_buffer->length, + &code); if (tmp == NULL) goto cleanup; tmp2 = NULL; - memcpy(tmp, input_name_buffer->value, input_name_buffer->length); - tmp[input_name_buffer->length] = '\0'; - /* Find the appropriate string rep to pass into parse_name. */ if ((input_name_type == GSS_C_NULL_OID) || g_OID_equal(input_name_type, gss_nt_krb5_name) || diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 535311eb9..f44f0d2cf 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -162,11 +162,9 @@ kg_acceptor_princ(krb5_context context, krb5_gss_name_t name, /* If a host was given, we have to use the canonicalized form of it (as * given by krb5_sname_to_principal) for backward compatibility. */ const krb5_data *d = &name->princ->data[1]; - tmp = k5alloc(d->length + 1, &code); + tmp = k5memdup0(d->data, d->length, &code); if (tmp == NULL) return ENOMEM; - memcpy(tmp, d->data, d->length); - tmp[d->length] = '\0'; host = tmp; } else /* No host was given; use an empty string. */ host = ""; diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 2000fe441..6d90628dc 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -245,12 +245,10 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy, ks_tuple = handle->params.keysalts; } /* Dup the requested or defaulted keysalt tuples. */ - new_ks_tuple = malloc(n_ks_tuple * sizeof(*new_ks_tuple)); - if (new_ks_tuple == NULL) { - ret = ENOMEM; + new_ks_tuple = k5memdup(ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple), + &ret); + if (new_ks_tuple == NULL) goto cleanup; - } - memcpy(new_ks_tuple, ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple)); new_n_ks_tuple = n_ks_tuple; ret = 0; goto cleanup; diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index 2a040fc57..e1ee5f9ff 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -1167,16 +1167,13 @@ krb5_db_fetch_mkey(krb5_context context, krb5_principal mname, if (retval) goto clean_n_exit; - key->contents = malloc(tmp_key.length); - if (key->contents == NULL) { - retval = ENOMEM; + key->contents = k5memdup(tmp_key.contents, tmp_key.length, &retval); + if (key->contents == NULL) goto clean_n_exit; - } key->magic = tmp_key.magic; key->enctype = tmp_key.enctype; key->length = tmp_key.length; - memcpy(key->contents, tmp_key.contents, tmp_key.length); } clean_n_exit: diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index ee01d9d21..9a7f757f9 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -361,12 +361,12 @@ krb5_db_def_fetch_mkey_keytab(krb5_context context, * kt_ent will be free'd so need to allocate and copy key contents for * output to caller. */ - if (!(key->contents = (krb5_octet *)malloc(key->length))) { - retval = ENOMEM; + key->contents = k5memdup(kt_ent.key.contents, kt_ent.key.length, + &retval); + if (key->contents == NULL) { krb5_kt_free_entry(context, &kt_ent); goto errout; } - memcpy(key->contents, kt_ent.key.contents, kt_ent.key.length); krb5_kt_free_entry(context, &kt_ent); } diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c index b9906f0f7..d8d338c7f 100644 --- a/src/lib/kdb/kdb_log.c +++ b/src/lib/kdb/kdb_log.c @@ -321,13 +321,10 @@ ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args) continue; if (upd->kdb_deleted) { - dbprincstr = k5alloc(upd->kdb_princ_name.utf8str_t_len + 1, - &retval); + dbprincstr = k5memdup0(upd->kdb_princ_name.utf8str_t_val, + upd->kdb_princ_name.utf8str_t_len, &retval); if (dbprincstr == NULL) goto cleanup; - memcpy(dbprincstr, (char *)upd->kdb_princ_name.utf8str_t_val, - upd->kdb_princ_name.utf8str_t_len); - dbprincstr[upd->kdb_princ_name.utf8str_t_len] = '\0'; retval = krb5_parse_name(context, dbprincstr, &dbprinc); free(dbprincstr); diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index a1fd3aa83..370c9439b 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -221,13 +221,9 @@ krb5_cc_resolve (krb5_context context, const char *name, krb5_ccache *cache) resid = name; } else { resid = name + pfxlen + 1; - - pfx = malloc (pfxlen+1); - if (!pfx) - return ENOMEM; - - memcpy (pfx, name, pfxlen); - pfx[pfxlen] = '\0'; + pfx = k5memdup0(name, pfxlen, &err); + if (pfx == NULL) + return err; } *cache = (krb5_ccache) 0; diff --git a/src/lib/krb5/keytab/kt_srvtab.c b/src/lib/krb5/keytab/kt_srvtab.c index 2ca616684..7bbb6580d 100644 --- a/src/lib/krb5/keytab/kt_srvtab.c +++ b/src/lib/krb5/keytab/kt_srvtab.c @@ -430,12 +430,11 @@ krb5_ktsrvint_read_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry ret_entry->key.enctype = ENCTYPE_DES_CBC_CRC; ret_entry->key.magic = KV5M_KEYBLOCK; ret_entry->key.length = sizeof(key); - ret_entry->key.contents = malloc(sizeof(key)); - if (!ret_entry->key.contents) { + ret_entry->key.contents = k5memdup(key, sizeof(key), &kerror); + if (ret_entry->key.contents == NULL) { krb5_free_principal(context, ret_entry->principal); - return ENOMEM; + return kerror; } - memcpy(ret_entry->key.contents, key, sizeof(key)); return 0; } diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index 6f29579ce..0f3562f33 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -188,13 +188,9 @@ krb5_kt_resolve (krb5_context context, const char *name, krb5_keytab *ktid) resid = name; } else { resid = name + pfxlen + 1; - - pfx = malloc (pfxlen+1); - if (!pfx) - return ENOMEM; - - memcpy (pfx, name, pfxlen); - pfx[pfxlen] = '\0'; + pfx = k5memdup0(name, pfxlen, &err); + if (pfx == NULL) + return err; } *ktid = (krb5_keytab) 0; diff --git a/src/lib/krb5/krb/copy_tick.c b/src/lib/krb5/krb/copy_tick.c index c3e33ff82..660d977bb 100644 --- a/src/lib/krb5/krb/copy_tick.c +++ b/src/lib/krb5/krb/copy_tick.c @@ -53,16 +53,14 @@ copy_enc_tkt_part(krb5_context context, const krb5_enc_tkt_part *partfrom, tempto->transited.tr_contents.data = 0; } else { tempto->transited.tr_contents.data = - malloc(partfrom->transited.tr_contents.length); + k5memdup(partfrom->transited.tr_contents.data, + partfrom->transited.tr_contents.length, &retval); if (!tempto->transited.tr_contents.data) { krb5_free_principal(context, tempto->client); krb5_free_keyblock(context, tempto->session); free(tempto); return ENOMEM; } - memcpy(tempto->transited.tr_contents.data, - (char *)partfrom->transited.tr_contents.data, - partfrom->transited.tr_contents.length); } retval = krb5_copy_addresses(context, partfrom->caddrs, &tempto->caddrs); diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c index 8387cea27..2e55066c7 100644 --- a/src/lib/krb5/krb/fwd_tgt.c +++ b/src/lib/krb5/krb/fwd_tgt.c @@ -130,14 +130,11 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, goto errout; } - rhost = malloc(server->data[1].length+1); - if (!rhost) { - retval = ENOMEM; + rhost = k5memdup0(server->data[1].data, server->data[1].length, + &retval); + if (rhost == NULL) goto errout; - } free_rhost = 1; - memcpy(rhost, server->data[1].data, server->data[1].length); - rhost[server->data[1].length] = '\0'; } retval = krb5_os_hostaddr(context, rhost, &addrs); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index df1bacf87..c88b67a6e 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -891,13 +891,11 @@ krb5_init_creds_init(krb5_context context, /* enctypes */ if (opte->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { ctx->request->ktype = - k5alloc((opte->etype_list_length * sizeof(krb5_enctype)), - &code); + k5memdup(opte->etype_list, + opte->etype_list_length * sizeof(krb5_enctype), &code); if (code != 0) goto cleanup; ctx->request->nktypes = opte->etype_list_length; - memcpy(ctx->request->ktype, opte->etype_list, - ctx->request->nktypes * sizeof(krb5_enctype)); } else if (krb5_get_default_in_tkt_ktypes(context, &ctx->request->ktype) == 0) { ctx->request->nktypes = k5_count_etypes(ctx->request->ktype); diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c index 3262d21d8..cc6f200c6 100644 --- a/src/lib/krb5/krb/pac.c +++ b/src/lib/krb5/krb/pac.c @@ -186,12 +186,10 @@ krb5_pac_get_buffer(krb5_context context, if (ret != 0) return ret; - data->data = malloc(d.length); + data->data = k5memdup(d.data, d.length, &ret); if (data->data == NULL) - return ENOMEM; - + return ret; data->length = d.length; - memcpy(data->data, d.data, d.length); return 0; } @@ -275,14 +273,12 @@ k5_pac_copy(krb5_context context, if (pac == NULL) return ENOMEM; - pac->pac = (PACTYPE *)malloc(header_len); + pac->pac = k5memdup(src->pac, header_len, &code); if (pac->pac == NULL) { free(pac); - return ENOMEM; + return code; } - memcpy(pac->pac, src->pac, header_len); - code = krb5int_copy_data_contents(context, &src->data, &pac->data); if (code != 0) { free(pac->pac); @@ -538,11 +534,9 @@ k5_pac_verify_server_checksum(krb5_context context, return KRB5KRB_AP_ERR_INAPP_CKSUM; pac_data.length = pac->data.length; - pac_data.data = malloc(pac->data.length); + pac_data.data = k5memdup(pac->data.data, pac->data.length, &ret); if (pac_data.data == NULL) - return ENOMEM; - - memcpy(pac_data.data, pac->data.data, pac->data.length); + return ret; /* Zero out both checksum buffers */ ret = k5_pac_zero_signature(context, pac, KRB5_PAC_SERVER_CHECKSUM, diff --git a/src/lib/krb5/krb/pac_sign.c b/src/lib/krb5/krb/pac_sign.c index 49e3862b7..20535816d 100644 --- a/src/lib/krb5/krb/pac_sign.c +++ b/src/lib/krb5/krb/pac_sign.c @@ -257,13 +257,11 @@ krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime, if (ret != 0) return ret; - data->data = malloc(pac->data.length); + data->data = k5memdup(pac->data.data, pac->data.length, &ret); if (data->data == NULL) - return ENOMEM; - + return ret; data->length = pac->data.length; - memcpy(data->data, pac->data.data, pac->data.length); memset(pac->data.data, 0, PACTYPE_LENGTH + (pac->pac->cBuffers * PAC_INFO_BUFFER_LENGTH)); diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index ad1618ab6..060f98aa0 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -802,10 +802,9 @@ copy_cookie(krb5_context context, krb5_pa_data **in_padata, if (pa == NULL) return ret; *pa = *cookie; - pa->contents = k5alloc(cookie->length, &ret); + pa->contents = k5memdup(cookie->contents, cookie->length, &ret); if (pa->contents == NULL) goto error; - memcpy(pa->contents, cookie->contents, cookie->length); ret = grow_pa_list(out_pa_list, out_pa_list_size, &pa, 1); if (ret) goto error; @@ -841,12 +840,12 @@ add_s4u_x509_user_padata(krb5_context context, krb5_s4u_userid *userid, s4u_padata->magic = KV5M_PA_DATA; s4u_padata->pa_type = KRB5_PADATA_S4U_X509_USER; - s4u_padata->contents = malloc(userid->subject_cert.length); + s4u_padata->contents = k5memdup(userid->subject_cert.data, + userid->subject_cert.length, &code); if (s4u_padata->contents == NULL) { free(s4u_padata); - return ENOMEM; + return code; } - memcpy(s4u_padata->contents, userid->subject_cert.data, userid->subject_cert.length); s4u_padata->length = userid->subject_cert.length; code = grow_pa_list(out_pa_list, out_pa_list_size, &s4u_padata, 1); diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index f4187dc04..9a7c261dd 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -239,10 +239,10 @@ k5_make_tgs_req(krb5_context context, if (padata[0] == NULL) goto cleanup; padata[0]->pa_type = KRB5_PADATA_AP_REQ; - padata[0]->contents = k5alloc(ap_req_asn1->length, &ret); + padata[0]->contents = k5memdup(ap_req_asn1->data, ap_req_asn1->length, + &ret); if (padata[0] == NULL) goto cleanup; - memcpy(padata[0]->contents, ap_req_asn1->data, ap_req_asn1->length); padata[0]->length = ap_req_asn1->length; /* Append copies of any other supplied padata. */ @@ -252,10 +252,10 @@ k5_make_tgs_req(krb5_context context, goto cleanup; pa->pa_type = in_padata[i]->pa_type; pa->length = in_padata[i]->length; - pa->contents = k5alloc(in_padata[i]->length, &ret); + pa->contents = k5memdup(in_padata[i]->contents, in_padata[i]->length, + &ret); if (pa->contents == NULL) goto cleanup; - memcpy(pa->contents, in_padata[i]->contents, in_padata[i]->length); padata[i + 1] = pa; } req.padata = padata; diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index 10711f1d6..0aed147f3 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -303,19 +303,13 @@ rtree_capath_vals(krb5_context context, *vals = NULL; - clientz = calloc(client->length + 1, 1); - if (clientz == NULL) { - retval = ENOMEM; + clientz = k5memdup0(client->data, client->length, &retval); + if (clientz == NULL) goto error; - } - memcpy(clientz, client->data, client->length); - serverz = calloc(server->length + 1, 1); - if (serverz == NULL) { - retval = ENOMEM; + serverz = k5memdup0(server->data, server->length, &retval); + if (serverz == NULL) goto error; - } - memcpy(serverz, server->data, server->length); key[0] = "capaths"; key[1] = clientz; diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 8108f3478..0f2600c28 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -375,7 +375,6 @@ aname_replacer(char *string, char **contextp, char **result) krb5_error_code kret; char *in = NULL, *out = NULL, *rule = NULL, *repl = NULL; char *cp, *ep, *tp; - size_t rule_size, repl_size; int doglobal; *result = NULL; @@ -418,24 +417,13 @@ aname_replacer(char *string, char **contextp, char **result) goto cleanup; } - /* Figure out sizes of strings and allocate them */ - rule_size = (size_t) (ep - &cp[2]); - repl_size = (size_t) (tp - &ep[1]); - rule = malloc(rule_size + 1); - if (!rule) { - kret = ENOMEM; + /* Copy the rule and replacement strings. */ + rule = k5memdup0(&cp[2], ep - &cp[2], &kret); + if (rule == NULL) goto cleanup; - } - repl = malloc(repl_size + 1); - if (!repl) { - kret = ENOMEM; + repl = k5memdup0(&ep[1], tp - &ep[1], &kret); + if (repl == NULL) goto cleanup; - } - - /* Copy the strings */ - memcpy(rule, &cp[2], rule_size); - memcpy(repl, &ep[1], repl_size); - rule[rule_size] = repl[repl_size] = '\0'; /* Check for trailing "g" */ doglobal = (tp[1] == 'g') ? 1 : 0; diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c index 4ad8f32eb..46f4f0e5f 100644 --- a/src/lib/krb5/os/changepw.c +++ b/src/lib/krb5/os/changepw.c @@ -156,16 +156,11 @@ kpasswd_sendto_msg_callback(struct conn_state *conn, local_kaddr.magic = addrs[0]->magic; local_kaddr.addrtype = addrs[0]->addrtype; local_kaddr.length = addrs[0]->length; - local_kaddr.contents = malloc(addrs[0]->length); - if (local_kaddr.contents == NULL && addrs[0]->length != 0) { - code = ENOMEM; - krb5_free_addresses(ctx->context, addrs); - goto cleanup; - } - if (addrs[0]->length) - memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); - + local_kaddr.contents = k5memdup(addrs[0]->contents, addrs[0]->length, + &code); krb5_free_addresses(ctx->context, addrs); + if (local_kaddr.contents == NULL) + goto cleanup; } diff --git a/src/lib/krb5/os/get_krbhst.c b/src/lib/krb5/os/get_krbhst.c index 7db973aa2..d60736619 100644 --- a/src/lib/krb5/os/get_krbhst.c +++ b/src/lib/krb5/os/get_krbhst.c @@ -103,13 +103,9 @@ krb5_get_krbhst(krb5_context context, const krb5_data *realm, char ***hostlist) goto cleanup; } for (i = 0; i < count; i++) { - unsigned int len = strlen (values[i]) + 1; - rethosts[i] = malloc(len); - if (!rethosts[i]) { - retval = ENOMEM; + rethosts[i] = k5memdup0(values[i], strlen(values[i]), &retval); + if (rethosts[i] == NULL) goto cleanup; - } - memcpy (rethosts[i], values[i], len); } rethosts[count] = 0; cleanup: diff --git a/src/lib/krb5/os/hostaddr.c b/src/lib/krb5/os/hostaddr.c index 6be2abea8..a38fad5d9 100644 --- a/src/lib/krb5/os/hostaddr.c +++ b/src/lib/krb5/os/hostaddr.c @@ -101,12 +101,9 @@ krb5_os_hostaddr(krb5_context context, const char *name, addrs[i]->magic = KV5M_ADDRESS; addrs[i]->addrtype = atype; addrs[i]->length = addrlen; - addrs[i]->contents = malloc(addrs[i]->length); - if (!addrs[i]->contents) { - retval = ENOMEM; + addrs[i]->contents = k5memdup(ptr, addrlen, &retval); + if (addrs[i]->contents == NULL) goto errout; - } - memcpy (addrs[i]->contents, ptr, addrs[i]->length); i++; } diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index ed8cc641e..5bf77761a 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -400,13 +400,11 @@ module_locate_server(krb5_context ctx, const krb5_data *realm, krb5int_free_plugin_dir_data(ptrs); return ENOMEM; } - realmz = malloc(realm->length + 1); + realmz = k5memdup0(realm->data, realm->length, &code); if (realmz == NULL) { krb5int_free_plugin_dir_data(ptrs); - return ENOMEM; + return code; } - memcpy(realmz, realm->data, realm->length); - realmz[realm->length] = '\0'; for (i = 0; ptrs[i]; i++) { void *blob; diff --git a/src/lib/krb5/rcache/rc_dfl.c b/src/lib/krb5/rcache/rc_dfl.c index cc42f461f..2981985ea 100644 --- a/src/lib/krb5/rcache/rc_dfl.c +++ b/src/lib/krb5/rcache/rc_dfl.c @@ -419,11 +419,9 @@ check_hash_extension(krb5_donot_replay *rep) end = strchr(str, ' '); if (!end) return 0; - msghash = malloc(end - str + 1); + msghash = k5memdup0(str, end - str, &retval); if (!msghash) return KRB5_RC_MALLOC; - memcpy(msghash, str, end - str); - msghash[end - str] = '\0'; str = end + 1; /* Parse out the client and server. */ diff --git a/src/lib/krb5/unicode/ucstr.c b/src/lib/krb5/unicode/ucstr.c index 625c9de1c..38d8d47d0 100644 --- a/src/lib/krb5/unicode/ucstr.c +++ b/src/lib/krb5/unicode/ucstr.c @@ -160,13 +160,9 @@ krb5int_utf8_normalize( if (i == len) { newdata->length = len; - newdata->data = malloc(newdata->length + 1); - if (newdata->data == NULL) { - retval = ENOMEM; + newdata->data = k5memdup0(s, len, &retval); + if (newdata->data == NULL) goto cleanup; - } - memcpy(newdata->data, s, len); - newdata->data[len] = '\0'; *newdataptr = newdata; return 0; } diff --git a/src/plugins/kdb/db2/adb_policy.c b/src/plugins/kdb/db2/adb_policy.c index fa6f0a38c..5e046ab61 100644 --- a/src/plugins/kdb/db2/adb_policy.c +++ b/src/plugins/kdb/db2/adb_policy.c @@ -211,10 +211,9 @@ osa_adb_get_policy(osa_adb_policy_t db, char *name, entry = k5alloc(sizeof(*entry), &ret); if (entry == NULL) goto error; - aligned_data = k5alloc(dbdata.size, &ret); + aligned_data = k5memdup(dbdata.data, dbdata.size, &ret); if (aligned_data == NULL) goto error; - memcpy(aligned_data, dbdata.data, dbdata.size); xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); if (!xdr_osa_policy_ent_rec(&xdrs, entry)) { ret = OSA_ADB_FAILURE; @@ -343,11 +342,9 @@ osa_adb_iter_policy(osa_adb_policy_t db, osa_adb_iter_policy_func func, goto error; } - if(!(aligned_data = (char *) malloc(dbdata.size))) { - ret = ENOMEM; + aligned_data = k5memdup(dbdata.data, dbdata.size, &ret); + if (aligned_data == NULL) goto error; - } - memcpy(aligned_data, dbdata.data, dbdata.size); memset(entry, 0, sizeof(osa_policy_ent_rec)); xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); diff --git a/src/plugins/kdb/db2/kdb_xdr.c b/src/plugins/kdb/db2/kdb_xdr.c index 184615cda..526496338 100644 --- a/src/plugins/kdb/db2/kdb_xdr.c +++ b/src/plugins/kdb/db2/kdb_xdr.c @@ -310,10 +310,9 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, /* Check for extra data */ if (entry->len > KRB5_KDB_V1_BASE_LENGTH) { entry->e_length = entry->len - KRB5_KDB_V1_BASE_LENGTH; - entry->e_data = k5alloc(entry->e_length, &retval); + entry->e_data = k5memdup(nextloc, entry->e_length, &retval); if (entry->e_data == NULL) goto error_out; - memcpy(entry->e_data, nextloc, entry->e_length); nextloc += entry->e_length; } @@ -363,12 +362,10 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, retval = KRB5_KDB_TRUNCATED_RECORD; goto error_out; } - if (((*tl_data)->tl_data_contents = (krb5_octet *) - malloc((*tl_data)->tl_data_length)) == NULL) { - retval = ENOMEM; + (*tl_data)->tl_data_contents = + k5memdup(nextloc, (*tl_data)->tl_data_length, &retval); + if ((*tl_data)->tl_data_contents == NULL) goto error_out; - } - memcpy((*tl_data)->tl_data_contents,nextloc,(*tl_data)->tl_data_length); nextloc += (*tl_data)->tl_data_length; tl_data = &((*tl_data)->tl_data_next); } @@ -411,13 +408,11 @@ krb5_decode_princ_entry(krb5_context context, krb5_data *content, goto error_out; } if (key_data->key_data_length[j]) { - if ((key_data->key_data_contents[j] = (krb5_octet *) - malloc(key_data->key_data_length[j])) == NULL) { - retval = ENOMEM; + key_data->key_data_contents[j] = + k5memdup(nextloc, key_data->key_data_length[j], + &retval); + if (key_data->key_data_contents[j] == NULL) goto error_out; - } - memcpy(key_data->key_data_contents[j], nextloc, - key_data->key_data_length[j]); nextloc += key_data->key_data_length[j]; } } diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c index 5f789da98..c4024b8d0 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c @@ -826,11 +826,9 @@ decode_tl_data(krb5_tl_data *tl_data, int tl_type, void **data) UNSTORE16_INT(curr, sublen); /* forward by 2 bytes */ curr += 2; - DN = malloc (sublen + 1); + DN = k5memdup0(curr, sublen, &st); if (DN == NULL) - return ENOMEM; - memcpy(DN, curr, sublen); - DN[sublen] = 0; + return st; *data = DN; curr += sublen; st = 0; @@ -854,11 +852,9 @@ decode_tl_data(krb5_tl_data *tl_data, int tl_type, void **data) UNSTORE16_INT(curr, sublen); /* forward by 2 bytes */ curr += 2; - DNarr[i] = malloc (sublen + 1); + DNarr[i] = k5memdup0(curr, sublen, &st); if (DNarr[i] == NULL) - return ENOMEM; - memcpy(DNarr[i], curr, sublen); - DNarr[i][sublen] = 0; + return st; ++i; curr += sublen; *data = DNarr; @@ -1292,12 +1288,10 @@ krb5_add_ber_mem_ldap_mod(LDAPMod ***mods, char *attribute, int op, return ENOMEM; (*mods)[i]->mod_bvalues[j]->bv_len = ber_values[j]->bv_len; - (*mods)[i]->mod_bvalues[j]->bv_val = malloc((*mods)[i]->mod_bvalues[j]->bv_len); + (*mods)[i]->mod_bvalues[j]->bv_val = + k5memdup(ber_values[j]->bv_val, ber_values[j]->bv_len, &st); if ((*mods)[i]->mod_bvalues[j]->bv_val == NULL) return ENOMEM; - - memcpy((*mods)[i]->mod_bvalues[j]->bv_val, ber_values[j]->bv_val, - ber_values[j]->bv_len); } (*mods)[i]->mod_bvalues[j] = NULL; return 0; diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 1e671c7ed..527873c1f 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -331,12 +331,9 @@ process_db_args(krb5_context context, char **db_args, xargs_t *xargs, dptr)) != 0) goto cleanup; } else { - *dptr = calloc (1, arg_val_len); - if (*dptr == NULL) { - st = ENOMEM; + *dptr = k5memdup(arg_val, arg_val_len, &st); + if (*dptr == NULL) goto cleanup; - } - memcpy(*dptr, arg_val, arg_val_len); } } } diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index 132eef665..e37938211 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -639,11 +639,11 @@ pkinit_pick_kdf_alg(krb5_context context, krb5_data **kdf_list, tmp_oid = k5alloc(sizeof(krb5_data), &retval); if (retval) goto cleanup; - tmp_oid->data = k5alloc(supp_oid->length, &retval); + tmp_oid->data = k5memdup(supp_oid->data, supp_oid->length, + &retval); if (retval) goto cleanup; tmp_oid->length = supp_oid->length; - memcpy(tmp_oid->data, supp_oid->data, tmp_oid->length); *alg_oid = tmp_oid; /* don't free the OID in clean-up if we are returning it */ tmp_oid = NULL; |