From owner-svn-src-all@FreeBSD.ORG Sat May 9 23:03:55 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0E3E9754; Sat, 9 May 2015 23:03:55 +0000 (UTC) Received: from mail-wi0-x22f.google.com (mail-wi0-x22f.google.com [IPv6:2a00:1450:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A72C51ECB; Sat, 9 May 2015 23:03:54 +0000 (UTC) Received: by widdi4 with SMTP id di4so61106540wid.0; Sat, 09 May 2015 16:03:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=5/ZTR/RuNxhFoC/dw1hPmc2wfSO4TQCFzU7FWFptd1k=; b=E36rDLf/H4qMpXTHGO6u1pnbni/CwD0Y11k2yVBiBPBe/Vz18q74ZTYc9fBRCgEMwd ZSCkubJZjtgH+6get43k0q06UMMFrG90MNLkIjpGMfbrWDH+DrAH0Cjs5NmeciOz2h8O I2jGpCiwhxF17RxxTOvlA/Dj6skw4v31waEd8500lXfg6cZLMvFfjDaDxTYf0kTZ61gJ 9xtbKdYXa3t0JzP4SjVpWcAq2hYh8SizL1i3KFDSq41lDO2hQi2hK1YdLW6SZjkG06VJ /A2xHFnEwv0BfznjwZqjn/5oGvm9WLdEBB+d0v4E+jN8q0bb7e0bX3296Ynczo9aIwIj 6hTw== X-Received: by 10.194.86.101 with SMTP id o5mr8118729wjz.8.1431212632209; Sat, 09 May 2015 16:03:52 -0700 (PDT) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id u9sm15351229wjx.15.2015.05.09.16.03.50 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 09 May 2015 16:03:51 -0700 (PDT) Sender: Baptiste Daroussin Date: Sun, 10 May 2015 01:03:49 +0200 From: Baptiste Daroussin To: Garrett Cooper Cc: "svn-src-head@freebsd.org" , "svn-src-all@freebsd.org" , "src-committers@freebsd.org" Subject: Re: svn commit: r282685 - head/usr.sbin/pw Message-ID: <20150509230349.GG54347@ivaldir.etoilebsd.net> References: <201505091912.t49JCHRf067749@svn.freebsd.org> <4DE758E7-BE6B-45D6-A184-9443FB21F4A7@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="3xoW37o/FfUZJwQG" Content-Disposition: inline In-Reply-To: <4DE758E7-BE6B-45D6-A184-9443FB21F4A7@gmail.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 May 2015 23:03:55 -0000 --3xoW37o/FfUZJwQG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, May 09, 2015 at 03:54:09PM -0700, Garrett Cooper wrote: >=20 > > On May 9, 2015, at 12:12, Baptiste Daroussin wrote: > >=20 > > Author: bapt > > Date: Sat May 9 19:12:16 2015 > > New Revision: 282685 > > URL: https://svnweb.freebsd.org/changeset/base/282685 > >=20 > > Log: > > Replace malloc(3) + strcpy(3) + strcat(3) by asprintf(3) > >=20 > > Modified: > > head/usr.sbin/pw/pw_user.c > >=20 > > Modified: head/usr.sbin/pw/pw_user.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > --- head/usr.sbin/pw/pw_user.c Sat May 9 19:11:01 2015 (r282684) > > +++ head/usr.sbin/pw/pw_user.c Sat May 9 19:12:16 2015 (r282685) > > @@ -363,11 +363,9 @@ pw_user(struct userconf * cnf, int mode, > > if (mode =3D=3D M_LOCK) { > > if (strncmp(pwd->pw_passwd, locked_str, sizeof(locked_str)-1= ) =3D=3D 0) > > errx(EX_DATAERR, "user '%s' is already locked", pwd->pw_= name); > > - passtmp =3D malloc(strlen(pwd->pw_passwd) + sizeof(locked_= str)); > > + asprintf(&passtmp, "%s%s", locked_str, pwd->pw_passwd); > > if (passtmp =3D=3D NULL) /* disaster */ > > errx(EX_UNAVAILABLE, "out of memory"); > > - strcpy(passtmp, locked_str); > > - strcat(passtmp, pwd->pw_passwd); > > pwd->pw_passwd =3D passtmp; > > edited =3D 1; > > } else if (mode =3D=3D M_UNLOCK) { >=20 > Please check the return values from asprintf.. As said in the manpage: If sufficient space cannot be allocated, asprintf() and vasprintf() will return -1 and set ret to be a NULL pointer. hence:=20 if (passtmp =3D=3D NULL) /* disaster */ errx(EX_UNAVAILABLE, "out of memory"); is checking properly asprintf return. Am I missing something? Best regards, Bapt --3xoW37o/FfUZJwQG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlVOklUACgkQ8kTtMUmk6EzT1wCfZ5PyvooW1rvAGbyAhEtb5nZZ f0gAoIPwR5ZjjncMVOd6dzc54Q+qGdFs =oWr7 -----END PGP SIGNATURE----- --3xoW37o/FfUZJwQG--