Date: Tue, 24 May 2016 04:34:46 +0000 (UTC) From: Garrett Cooper <ngie@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r300560 - stable/9/usr.sbin/bsnmpd/tools/libbsnmptools Message-ID: <201605240434.u4O4Yk4k025897@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ngie Date: Tue May 24 04:34:45 2016 New Revision: 300560 URL: https://svnweb.freebsd.org/changeset/base/300560 Log: MFC r299764,r299765,r299769,r299770,r299774,r299802,r299803,r299805,r299814: r299764: Use the size of the destination buffer, not the source buffer. Technically this is a no-op, but mute the clang warning in case the malloc call above for fstring ever changes in the future r299765: Fix theoretical buffer overflow issues in snmp_oid2asn_oid Increase the size of `string` by 1 to account for the '\0' terminator. In the event that `str` doesn't contain any non-alpha chars, i would be set to MAXSTR, and the subsequent strlcpy call would overflow by a character. Remove unnecessary `string[i] = '\0'` -- this is already handled by strlcpy. r299769: Use the size of the destination buffer instead of the malloc size, repeated, in order to mute a -Wstrlcpy-strlcat-size warning r299770: Fix up r299764 I meant to use nitems, not sizeof(..) with the destination buffer. Using sizeof(..) on a pointer will always truncate the output in the destination buffer incorrectly Pointyhat to: ngie r299774: Do minimal work necessary to cure a -Wunused-but-set-variable warning from gcc How errno is saved before and restored after strtoul calls needs a rethink r299802: Fix up both r299764 and r299770 nitems was wrong too, as it was being tested against a pointer instead of a buffer on the stack. Since the old code was just doing malloc, then strlcpy'ing the contents of the source buffer into the destination buffer, replace it all with a call to strdup.. Supersized Duncecap to: ngie r299803: Replace malloc + memset(.., 0, ..) with calloc calls r299805: Fix up r299769 Similar to r299802, it was noted that using nitems on scalar pointers is invalid. Use strdup instead of malloc + strlcpy (which is what the old code was doing anyhow). Pointyhat to: ngie r299814: Replace malloc + memset(.., 0, ..) with calloc calls Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Directory Properties: stable/9/ (props changed) stable/9/usr.sbin/ (props changed) stable/9/usr.sbin/bsnmpd/ (props changed) Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c Tue May 24 04:23:58 2016 (r300559) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmpmap.c Tue May 24 04:34:45 2016 (r300560) @@ -56,12 +56,11 @@ snmp_mapping_init(void) { struct snmp_mappings *m; - if ((m = malloc(sizeof(struct snmp_mappings))) == NULL) { + if ((m = calloc(1, sizeof(struct snmp_mappings))) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); return (NULL); } - memset(m, 0, sizeof(struct snmp_mappings)); return (m); } @@ -269,21 +268,18 @@ enum_pair_insert(struct enum_pairs *head { struct enum_pair *e_new; - if ((e_new = malloc(sizeof(struct enum_pair))) == NULL) { + if ((e_new = calloc(1, sizeof(struct enum_pair))) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); return (-1); } - memset(e_new, 0, sizeof(struct enum_pair)); - - if ((e_new->enum_str = malloc(strlen(enum_str) + 1)) == NULL) { + if ((e_new->enum_str = strdup(enum_str)) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); free(e_new); return (-1); } e_new->enum_val = enum_val; - strlcpy(e_new->enum_str, enum_str, strlen(enum_str) + 1); STAILQ_INSERT_TAIL(headp, e_new, link); return (1); @@ -482,13 +478,11 @@ snmp_syntax_insert(struct snmp_idxlist * { struct index *idx; - if ((idx = malloc(sizeof(struct index))) == NULL) { + if ((idx = calloc(1, sizeof(struct index))) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); return (-1); } - memset(idx, 0, sizeof(struct index)); - if (snmp_index_insert(headp, idx) < 0) { free(idx); return (-1); @@ -558,18 +552,16 @@ snmp_enumtc_init(char *name) { struct enum_type *enum_tc; - if ((enum_tc = malloc(sizeof(struct enum_type))) == NULL) { + if ((enum_tc = calloc(1, sizeof(struct enum_type))) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); return (NULL); } - memset(enum_tc, 0, sizeof(struct enum_type)); - if ((enum_tc->name = malloc(strlen(name) + 1)) == NULL) { + if ((enum_tc->name = strdup(name)) == NULL) { syslog(LOG_ERR, "malloc() failed: %s", strerror(errno)); free(enum_tc); return (NULL); } - strlcpy(enum_tc->name, name, strlen(name) + 1); return (enum_tc); } Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c Tue May 24 04:23:58 2016 (r300559) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptc.c Tue May 24 04:34:45 2016 (r300560) @@ -778,11 +778,11 @@ parse_ntp_ts(struct snmp_value *sv, char saved_errno = errno; v = strtoul(val, &endptr, 10); if (errno != 0 || (v / 1000) > 9) { - saved_errno = errno; + errno = saved_errno; warnx("Integer value %s not supported", val); return (-1); } else - saved_errno = errno; + errno = saved_errno; if (*endptr != '.') { warnx("Failed reading octet - %s", val); @@ -799,11 +799,11 @@ parse_ntp_ts(struct snmp_value *sv, char saved_errno = errno; v = strtoul(val, &endptr, 10); if (errno != 0 || (v / 1000) > 9) { - saved_errno = errno; + errno = saved_errno; warnx("Integer value %s not supported", val); return (-1); } else - saved_errno = errno; + errno = saved_errno; for (i = 0, d = 1000; i < 4; i++) { ntp_ts[i + 4] = v / d; Modified: stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c ============================================================================== --- stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Tue May 24 04:23:58 2016 (r300559) +++ stable/9/usr.sbin/bsnmpd/tools/libbsnmptools/bsnmptools.c Tue May 24 04:34:45 2016 (r300560) @@ -250,7 +250,7 @@ add_filename(struct snmp_toolinfo *snmpt return (0); } - if ((fstring = malloc(strlen(filename) + 1)) == NULL) { + if ((fstring = strdup(filename)) == NULL) { warnx("malloc() failed - %s", strerror(errno)); return (-1); } @@ -263,7 +263,6 @@ add_filename(struct snmp_toolinfo *snmpt if (cut != NULL) asn_append_oid(&(entry->cut), cut); - strlcpy(fstring, filename, strlen(filename) + 1); entry->name = fstring; entry->done = done; SLIST_INSERT_HEAD(&snmptoolctx->filelist, entry, link); @@ -1059,7 +1058,7 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s struct asn_oid *oid) { int32_t i; - char string[MAXSTR], *endptr; + char string[MAXSTR + 1], *endptr; struct snmp_object obj; for (i = 0; i < MAXSTR; i++) @@ -1075,7 +1074,6 @@ snmp_oid2asn_oid(struct snmp_toolinfo *s return (NULL); } else { strlcpy(string, str, i + 1); - string[i] = '\0'; if (snmp_lookup_enumoid(snmptoolctx, &obj, string) < 0) { warnx("Unknown string - %s", string); return (NULL);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605240434.u4O4Yk4k025897>