Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 24 May 2016 04:34:46 +0000 (UTC)
From:      Garrett Cooper <ngie@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org
Subject:   svn commit: r300560 - stable/9/usr.sbin/bsnmpd/tools/libbsnmptools
Message-ID:  <201605240434.u4O4Yk4k025897@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: ngie
Date: Tue May 24 04:34:45 2016
New Revision: 300560
URL: https://svnweb.freebsd.org/changeset/base/300560

Log:
  MFC r299764,r299765,r299769,r299770,r299774,r299802,r299803,r299805,r299814:
  
  r299764:
  
  Use the size of the destination buffer, not the source buffer.
  
  Technically this is a no-op, but mute the clang warning in case the malloc call
  above for fstring ever changes in the future
  
  r299765:
  
  Fix theoretical buffer overflow issues in snmp_oid2asn_oid
  
  Increase the size of `string` by 1 to account for the '\0' terminator. In the event
  that `str` doesn't contain any non-alpha chars, i would be set to MAXSTR, and
  the subsequent strlcpy call would overflow by a character.
  
  Remove unnecessary `string[i] = '\0'` -- this is already handled by strlcpy.
  
  r299769:
  
  Use the size of the destination buffer instead of the malloc size, repeated, in order
  to mute a -Wstrlcpy-strlcat-size warning
  
  r299770:
  
  Fix up r299764
  
  I meant to use nitems, not sizeof(..) with the destination buffer. Using sizeof(..)
  on a pointer will always truncate the output in the destination buffer incorrectly
  
  Pointyhat to: ngie
  
  r299774:
  
  Do minimal work necessary to cure a -Wunused-but-set-variable warning from gcc
  
  How errno is saved before and restored after strtoul calls needs a rethink
  
  r299802:
  
  Fix up both r299764 and r299770
  
  nitems was wrong too, as it was being tested against a pointer instead of a buffer on
  the stack.
  
  Since the old code was just doing malloc, then strlcpy'ing the contents of the source
  buffer into the destination buffer, replace it all with a call to strdup..
  
  Supersized Duncecap to: ngie
  
  r299803:
  
  Replace malloc + memset(.., 0, ..) with calloc calls
  
  r299805:
  
  Fix up r299769
  
  Similar to r299802, it was noted that using nitems on scalar pointers is
  invalid.
  
  Use strdup instead of malloc + strlcpy (which is what the old code was doing
  anyhow).
  
  Pointyhat to: ngie
  
  r299814:
  
  Replace malloc + memset(.., 0, ..) with calloc calls

Modified:
  stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c
  stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c
  stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
Directory Properties:
  stable/9/   (props changed)
  stable/9/usr.sbin/   (props changed)
  stable/9/usr.sbin/bsnmpd/   (props changed)

Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c
==============================================================================
--- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c	Tue May 24 04:23:58 2016	(r300559)
+++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c	Tue May 24 04:34:45 2016	(r300560)
@@ -56,12 +56,11 @@ snmp_mapping_init(void)
 {
 	struct snmp_mappings *m;
 
-	if ((m = malloc(sizeof(struct snmp_mappings))) == NULL) {
+	if ((m = calloc(1, sizeof(struct snmp_mappings))) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		return (NULL);
 	}
 
-	memset(m, 0, sizeof(struct snmp_mappings));
 	return (m);
 }
 
@@ -269,21 +268,18 @@ enum_pair_insert(struct enum_pairs *head
 {
 	struct enum_pair *e_new;
 
-	if ((e_new = malloc(sizeof(struct enum_pair))) == NULL) {
+	if ((e_new = calloc(1, sizeof(struct enum_pair))) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		return (-1);
 	}
 
-	memset(e_new, 0, sizeof(struct enum_pair));
-
-	if ((e_new->enum_str = malloc(strlen(enum_str) + 1)) == NULL) {
+	if ((e_new->enum_str = strdup(enum_str)) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		free(e_new);
 		return (-1);
 	}
 
 	e_new->enum_val = enum_val;
-	strlcpy(e_new->enum_str, enum_str, strlen(enum_str) + 1);
 	STAILQ_INSERT_TAIL(headp, e_new, link);
 
 	return (1);
@@ -482,13 +478,11 @@ snmp_syntax_insert(struct snmp_idxlist *
 {
 	struct index *idx;
 
-	if ((idx = malloc(sizeof(struct index))) == NULL) {
+	if ((idx = calloc(1, sizeof(struct index))) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		return (-1);
 	}
 
-	memset(idx, 0, sizeof(struct index));
-
 	if (snmp_index_insert(headp, idx) < 0) {
 		free(idx);
 		return (-1);
@@ -558,18 +552,16 @@ snmp_enumtc_init(char *name)
 {
 	struct enum_type *enum_tc;
 
-	if ((enum_tc = malloc(sizeof(struct enum_type))) == NULL) {
+	if ((enum_tc = calloc(1, sizeof(struct enum_type))) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		return (NULL);
 	}
 
-	memset(enum_tc, 0, sizeof(struct enum_type));
-	if ((enum_tc->name = malloc(strlen(name) + 1)) == NULL) {
+	if ((enum_tc->name = strdup(name)) == NULL) {
 		syslog(LOG_ERR, "malloc() failed: %s", strerror(errno));
 		free(enum_tc);
 		return (NULL);
 	}
-	strlcpy(enum_tc->name, name, strlen(name) + 1);
 
 	return (enum_tc);
 }

Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c
==============================================================================
--- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c	Tue May 24 04:23:58 2016	(r300559)
+++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c	Tue May 24 04:34:45 2016	(r300560)
@@ -778,11 +778,11 @@ parse_ntp_ts(struct snmp_value *sv, char
 	saved_errno = errno;
 	v = strtoul(val, &endptr, 10);
 	if (errno != 0 || (v / 1000) > 9) {
-		saved_errno = errno;
+		errno = saved_errno;
 		warnx("Integer value %s not supported", val);
 		return (-1);
 	} else
-		saved_errno = errno;
+		errno = saved_errno;
 
 	if (*endptr != '.') {
 		warnx("Failed reading octet - %s", val);
@@ -799,11 +799,11 @@ parse_ntp_ts(struct snmp_value *sv, char
 	saved_errno = errno;
 	v = strtoul(val, &endptr, 10);
 	if (errno != 0 || (v / 1000) > 9) {
-		saved_errno = errno;
+		errno = saved_errno;
 		warnx("Integer value %s not supported", val);
 		return (-1);
 	} else
-		saved_errno = errno;
+		errno = saved_errno;
 
 	for (i = 0, d = 1000; i < 4; i++) {
 		ntp_ts[i + 4] = v / d;

Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c
==============================================================================
--- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c	Tue May 24 04:23:58 2016	(r300559)
+++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c	Tue May 24 04:34:45 2016	(r300560)
@@ -250,7 +250,7 @@ add_filename(struct snmp_toolinfo *snmpt
 			return (0);
 	}
 
-	if ((fstring = malloc(strlen(filename) + 1)) == NULL) {
+	if ((fstring = strdup(filename)) == NULL) {
 		warnx("malloc() failed - %s", strerror(errno));
 		return (-1);
 	}
@@ -263,7 +263,6 @@ add_filename(struct snmp_toolinfo *snmpt
 
 	if (cut != NULL)
 		asn_append_oid(&(entry->cut), cut);
-	strlcpy(fstring, filename, strlen(filename) + 1);
 	entry->name = fstring;
 	entry->done = done;
 	SLIST_INSERT_HEAD(&snmptoolctx->filelist, entry, link);
@@ -1059,7 +1058,7 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s
     struct asn_oid *oid)
 {
 	int32_t i;
-	char string[MAXSTR], *endptr;
+	char string[MAXSTR + 1], *endptr;
 	struct snmp_object obj;
 
 	for (i = 0; i < MAXSTR; i++)
@@ -1075,7 +1074,6 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s
 			return (NULL);
 	} else {
 		strlcpy(string, str, i + 1);
-		string[i] = '\0';
 		if (snmp_lookup_enumoid(snmptoolctx, &obj, string) < 0) {
 			warnx("Unknown string - %s", string);
 			return (NULL);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605240434.u4O4Yk4k025897>