Date: Sun, 10 May 2015 01:03:49 +0200 From: Baptiste Daroussin <bapt@FreeBSD.org> To: Garrett Cooper <yaneurabeya@gmail.com> Cc: "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org> Subject: Re: svn commit: r282685 - head/usr.sbin/pw Message-ID: <20150509230349.GG54347@ivaldir.etoilebsd.net> In-Reply-To: <4DE758E7-BE6B-45D6-A184-9443FB21F4A7@gmail.com> References: <201505091912.t49JCHRf067749@svn.freebsd.org> <4DE758E7-BE6B-45D6-A184-9443FB21F4A7@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--3xoW37o/FfUZJwQG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, May 09, 2015 at 03:54:09PM -0700, Garrett Cooper wrote: >=20 > > On May 9, 2015, at 12:12, Baptiste Daroussin <bapt@FreeBSD.org> wrote: > >=20 > > Author: bapt > > Date: Sat May 9 19:12:16 2015 > > New Revision: 282685 > > URL: https://svnweb.freebsd.org/changeset/base/282685 > >=20 > > Log: > > Replace malloc(3) + strcpy(3) + strcat(3) by asprintf(3) > >=20 > > Modified: > > head/usr.sbin/pw/pw_user.c > >=20 > > Modified: head/usr.sbin/pw/pw_user.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > --- head/usr.sbin/pw/pw_user.c Sat May 9 19:11:01 2015 (r282684) > > +++ head/usr.sbin/pw/pw_user.c Sat May 9 19:12:16 2015 (r282685) > > @@ -363,11 +363,9 @@ pw_user(struct userconf * cnf, int mode, > > if (mode =3D=3D M_LOCK) { > > if (strncmp(pwd->pw_passwd, locked_str, sizeof(locked_str)-1= ) =3D=3D 0) > > errx(EX_DATAERR, "user '%s' is already locked", pwd->pw_= name); > > - passtmp =3D malloc(strlen(pwd->pw_passwd) + sizeof(locked_= str)); > > + asprintf(&passtmp, "%s%s", locked_str, pwd->pw_passwd); > > if (passtmp =3D=3D NULL) /* disaster */ > > errx(EX_UNAVAILABLE, "out of memory"); > > - strcpy(passtmp, locked_str); > > - strcat(passtmp, pwd->pw_passwd); > > pwd->pw_passwd =3D passtmp; > > edited =3D 1; > > } else if (mode =3D=3D M_UNLOCK) { >=20 > Please check the return values from asprintf.. As said in the manpage: If sufficient space cannot be allocated, asprintf() and vasprintf() will return -1 and set ret to be a NULL pointer. hence:=20 if (passtmp =3D=3D NULL) /* disaster */ errx(EX_UNAVAILABLE, "out of memory"); is checking properly asprintf return. Am I missing something? Best regards, Bapt --3xoW37o/FfUZJwQG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlVOklUACgkQ8kTtMUmk6EzT1wCfZ5PyvooW1rvAGbyAhEtb5nZZ f0gAoIPwR5ZjjncMVOd6dzc54Q+qGdFs =oWr7 -----END PGP SIGNATURE----- --3xoW37o/FfUZJwQG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150509230349.GG54347>