Date: Sat, 24 May 2003 10:45:15 -0700 (PDT) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 31792 for review Message-ID: <200305241745.h4OHjFce087836@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=31792 Change 31792 by des@des.at.des.thinksec.com on 2003/05/24 10:44:29 With one single exception (where the pointer is obviously being immediately overwritten), replace all use of free(3) with a macro that clears the pointer after freeing the memory it pointed to. Suggested by: Dmitry V. Levin <ldv@altlinux.org> Affected files ... .. //depot/projects/openpam/lib/openpam_borrow_cred.c#7 edit .. //depot/projects/openpam/lib/openpam_configure.c#7 edit .. //depot/projects/openpam/lib/openpam_dynamic.c#10 edit .. //depot/projects/openpam/lib/openpam_free_data.c#4 edit .. //depot/projects/openpam/lib/openpam_impl.h#23 edit .. //depot/projects/openpam/lib/openpam_load.c#16 edit .. //depot/projects/openpam/lib/openpam_log.c#22 edit .. //depot/projects/openpam/lib/openpam_set_option.c#10 edit .. //depot/projects/openpam/lib/openpam_ttyconv.c#18 edit .. //depot/projects/openpam/lib/pam_end.c#12 edit .. //depot/projects/openpam/lib/pam_error.c#9 edit .. //depot/projects/openpam/lib/pam_get_authtok.c#23 edit .. //depot/projects/openpam/lib/pam_get_user.c#16 edit .. //depot/projects/openpam/lib/pam_getenvlist.c#11 edit .. //depot/projects/openpam/lib/pam_info.c#8 edit .. //depot/projects/openpam/lib/pam_putenv.c#10 edit .. //depot/projects/openpam/lib/pam_set_data.c#14 edit .. //depot/projects/openpam/lib/pam_set_item.c#20 edit .. //depot/projects/openpam/lib/pam_setenv.c#9 edit .. //depot/projects/openpam/lib/pam_verror.c#7 edit .. //depot/projects/openpam/lib/pam_vinfo.c#7 edit .. //depot/projects/openpam/lib/pam_vprompt.c#11 edit Differences ... ==== //depot/projects/openpam/lib/openpam_borrow_cred.c#7 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#6 $ + * $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#7 $ */ #include <sys/param.h> @@ -77,13 +77,13 @@ scred->egid = getegid(); r = getgroups(NGROUPS_MAX, scred->groups); if (r == -1) { - free(scred); + FREE(scred); RETURNC(PAM_SYSTEM_ERR); } scred->ngroups = r; r = pam_set_data(pamh, PAM_SAVED_CRED, scred, &openpam_free_data); if (r != PAM_SUCCESS) { - free(scred); + FREE(scred); RETURNC(r); } if (geteuid() == pwd->pw_uid) ==== //depot/projects/openpam/lib/openpam_configure.c#7 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_configure.c#6 $ + * $P4: //depot/projects/openpam/lib/openpam_configure.c#7 $ */ #include <ctype.h> @@ -238,7 +238,7 @@ strcat(filename, service); r = openpam_read_policy_file(policy, service, filename, PAM_D_STYLE); - free(filename); + FREE(filename); } else { r = openpam_read_policy_file(policy, service, *path, PAM_CONF_STYLE); ==== //depot/projects/openpam/lib/openpam_dynamic.c#10 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#9 $ + * $P4: //depot/projects/openpam/lib/openpam_dynamic.c#10 $ */ #include <dlfcn.h> @@ -69,11 +69,11 @@ *strrchr(vpath, '.') = '\0'; if ((dlh = dlopen(vpath, RTLD_LAZY)) == NULL) { openpam_log(PAM_LOG_DEBUG, "%s: %s", vpath, dlerror()); - free(module); + FREE(module); return (NULL); } } - free(vpath); + FREE(vpath); if ((module->path = strdup(path)) == NULL) goto buf_err; module->dlh = dlh; @@ -88,7 +88,7 @@ openpam_log(PAM_LOG_ERROR, "%m"); if (dlh != NULL) dlclose(dlh); - free(module); + FREE(module); return (NULL); } ==== //depot/projects/openpam/lib/openpam_free_data.c#4 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_free_data.c#3 $ + * $P4: //depot/projects/openpam/lib/openpam_free_data.c#4 $ */ #include <stdlib.h> @@ -54,7 +54,7 @@ ENTER(); (void)pamh; (void)status; - free(data); + FREE(data); RETURNV(); } ==== //depot/projects/openpam/lib/openpam_impl.h#23 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_impl.h#22 $ + * $P4: //depot/projects/openpam/lib/openpam_impl.h#23 $ */ #ifndef _OPENPAM_IMPL_H_INCLUDED @@ -124,6 +124,8 @@ #endif pam_module_t *openpam_dynamic(const char *); +#define FREE(p) do { free((p)); (p) = NULL; } while (0); + #ifdef DEBUG #define ENTER() openpam_log(PAM_LOG_DEBUG, "entering") #define ENTERI(i) do { \ ==== //depot/projects/openpam/lib/openpam_load.c#16 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_load.c#15 $ + * $P4: //depot/projects/openpam/lib/openpam_load.c#16 $ */ #include <dlfcn.h> @@ -136,8 +136,8 @@ if (module == modules) modules = module->next; openpam_log(PAM_LOG_DEBUG, "releasing %s", module->path); - free(module->path); - free(module); + FREE(module->path); + FREE(module); } @@ -154,10 +154,10 @@ openpam_destroy_chain(chain->next); chain->next = NULL; while (chain->optc--) - free(chain->optv[chain->optc]); - free(chain->optv); + FREE(chain->optv[chain->optc]); + FREE(chain->optv); openpam_release_module(chain->module); - free(chain); + FREE(chain); } /* ==== //depot/projects/openpam/lib/openpam_log.c#22 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_log.c#21 $ + * $P4: //depot/projects/openpam/lib/openpam_log.c#22 $ */ #include <ctype.h> @@ -112,7 +112,7 @@ va_start(ap, fmt); if (asprintf(&format, "in %s(): %s", func, fmt) > 0) { vsyslog(priority, format, ap); - free(format); + FREE(format); } else { vsyslog(priority, fmt, ap); } ==== //depot/projects/openpam/lib/openpam_set_option.c#10 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_set_option.c#9 $ + * $P4: //depot/projects/openpam/lib/openpam_set_option.c#10 $ */ #include <sys/param.h> @@ -89,7 +89,7 @@ /* add */ optv = realloc(cur->optv, sizeof(char *) * (cur->optc + 2)); if (optv == NULL) { - free(opt); + FREE(opt); RETURNC(PAM_BUF_ERR); } optv[i] = opt; @@ -98,7 +98,7 @@ ++cur->optc; } else { /* replace */ - free(cur->optv[i]); + FREE(cur->optv[i]); cur->optv[i] = opt; } RETURNC(PAM_SUCCESS); ==== //depot/projects/openpam/lib/openpam_ttyconv.c#18 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#17 $ + * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#18 $ */ #include <sys/types.h> @@ -179,8 +179,8 @@ RETURNC(PAM_SUCCESS); fail: while (i) - free(resp[--i]); - free(*resp); + FREE(resp[--i]); + FREE(*resp); *resp = NULL; RETURNC(PAM_CONV_ERR); } @@ -199,7 +199,7 @@ * of most text-based interactive programs. * * The =openpam_ttyconv function allows the application to specify a - * timeout for user input by setting the global variable + * timeout for user input by setting the global integer variable * :openpam_ttyconv_timeout to the length of the timeout in seconds. * * >openpam_nullconv ==== //depot/projects/openpam/lib/pam_end.c#12 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_end.c#11 $ + * $P4: //depot/projects/openpam/lib/pam_end.c#12 $ */ #include <stdlib.h> @@ -63,14 +63,14 @@ if (dp->cleanup) (dp->cleanup)(pamh, dp->data, status); pamh->module_data = dp->next; - free(dp->name); - free(dp); + FREE(dp->name); + FREE(dp); } /* clear environment */ while (pamh->env_count) - free(pamh->env[--pamh->env_count]); - free(pamh->env); + FREE(pamh->env[--pamh->env_count]); + FREE(pamh->env); /* clear chains */ openpam_clear_chains(pamh->chains); @@ -79,7 +79,7 @@ for (i = 0; i < PAM_NUM_ITEMS; ++i) pam_set_item(pamh, i, NULL); - free(pamh); + FREE(pamh); RETURNC(PAM_SUCCESS); } ==== //depot/projects/openpam/lib/pam_error.c#9 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_error.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_error.c#9 $ */ #include <stdarg.h> @@ -41,6 +41,8 @@ #include <security/pam_appl.h> #include <security/openpam.h> +#include "openpam_impl.h" + /* * OpenPAM extension * @@ -59,7 +61,7 @@ va_start(ap, fmt); r = pam_vprompt(pamh, PAM_ERROR_MSG, &rsp, fmt, ap); va_end(ap); - free(rsp); /* ignore response */ + FREE(rsp); /* ignore response */ return (r); } ==== //depot/projects/openpam/lib/pam_get_authtok.c#23 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#22 $ + * $P4: //depot/projects/openpam/lib/pam_get_authtok.c#23 $ */ #include <sys/param.h> @@ -109,19 +109,19 @@ if (twice) { r = pam_prompt(pamh, style, &resp2, "Retype %s", prompt); if (r != PAM_SUCCESS) { - free(resp); + FREE(resp); RETURNC(r); } if (strcmp(resp, resp2) != 0) { - free(resp); + FREE(resp); resp = NULL; } - free(resp2); + FREE(resp2); } if (resp == NULL) RETURNC(PAM_TRY_AGAIN); r = pam_set_item(pamh, item, resp); - free(resp); + FREE(resp); if (r != PAM_SUCCESS) RETURNC(r); r = pam_get_item(pamh, item, (const void **)authtok); ==== //depot/projects/openpam/lib/pam_get_user.c#16 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_get_user.c#15 $ + * $P4: //depot/projects/openpam/lib/pam_get_user.c#16 $ */ #include <sys/param.h> @@ -75,7 +75,7 @@ if (r != PAM_SUCCESS) RETURNC(r); r = pam_set_item(pamh, PAM_USER, resp); - free(resp); + FREE(resp); if (r != PAM_SUCCESS) RETURNC(r); r = pam_get_item(pamh, PAM_USER, (const void **)user); ==== //depot/projects/openpam/lib/pam_getenvlist.c#11 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_getenvlist.c#11 $ */ #include <stdlib.h> @@ -66,8 +66,8 @@ for (i = 0; i < pamh->env_count; ++i) { if ((envlist[i] = strdup(pamh->env[i])) == NULL) { while (i) - free(envlist[--i]); - free(envlist); + FREE(envlist[--i]); + FREE(envlist); openpam_log(PAM_LOG_ERROR, "%s", pam_strerror(pamh, PAM_BUF_ERR)); RETURNP(NULL); ==== //depot/projects/openpam/lib/pam_info.c#8 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_info.c#7 $ + * $P4: //depot/projects/openpam/lib/pam_info.c#8 $ */ #include <stdarg.h> @@ -41,6 +41,8 @@ #include <security/pam_appl.h> #include <security/openpam.h> +#include "openpam_impl.h" + /* * OpenPAM extension * @@ -59,7 +61,7 @@ va_start(ap, fmt); r = pam_vprompt(pamh, PAM_TEXT_INFO, &rsp, fmt, ap); va_end(ap); - free(rsp); /* ignore response */ + FREE(rsp); /* ignore response */ return (r); } ==== //depot/projects/openpam/lib/pam_putenv.c#10 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_putenv.c#9 $ + * $P4: //depot/projects/openpam/lib/pam_putenv.c#10 $ */ #include <stdlib.h> @@ -67,7 +67,7 @@ if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) != -1) { if ((p = strdup(namevalue)) == NULL) RETURNC(PAM_BUF_ERR); - free(pamh->env[i]); + FREE(pamh->env[i]); pamh->env[i] = p; RETURNC(PAM_SUCCESS); } ==== //depot/projects/openpam/lib/pam_set_data.c#14 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_data.c#13 $ + * $P4: //depot/projects/openpam/lib/pam_set_data.c#14 $ */ #include <stdlib.h> @@ -73,7 +73,7 @@ if ((dp = malloc(sizeof *dp)) == NULL) RETURNC(PAM_BUF_ERR); if ((dp->name = strdup(module_data_name)) == NULL) { - free(dp); + FREE(dp); RETURNC(PAM_BUF_ERR); } dp->data = data; ==== //depot/projects/openpam/lib/pam_set_item.c#20 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_set_item.c#19 $ + * $P4: //depot/projects/openpam/lib/pam_set_item.c#20 $ */ #include <sys/param.h> @@ -90,7 +90,7 @@ } if (*slot != NULL) { memset(*slot, 0xd0, osize); - free(*slot); + FREE(*slot); } if (item != NULL) { if ((tmp = malloc(nsize)) == NULL) ==== //depot/projects/openpam/lib/pam_setenv.c#9 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_setenv.c#8 $ + * $P4: //depot/projects/openpam/lib/pam_setenv.c#9 $ */ #include <stdlib.h> @@ -75,7 +75,7 @@ RETURNC(PAM_BUF_ERR); sprintf(env, "%s=%s", name, value); r = pam_putenv(pamh, env); - free(env); + FREE(env); RETURNC(r); } ==== //depot/projects/openpam/lib/pam_verror.c#7 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_verror.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_verror.c#7 $ */ #include <stdarg.h> @@ -40,6 +40,8 @@ #include <security/pam_appl.h> #include <security/openpam.h> +#include "openpam_impl.h" + /* * OpenPAM extension * @@ -55,7 +57,7 @@ int r; r = pam_vprompt(pamh, PAM_ERROR_MSG, &rsp, fmt, ap); - free(rsp); /* ignore response */ + FREE(rsp); /* ignore response */ return (r); } ==== //depot/projects/openpam/lib/pam_vinfo.c#7 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_vinfo.c#6 $ + * $P4: //depot/projects/openpam/lib/pam_vinfo.c#7 $ */ #include <stdarg.h> @@ -40,6 +40,8 @@ #include <security/pam_appl.h> #include <security/openpam.h> +#include "openpam_impl.h" + /* * OpenPAM extension * @@ -55,7 +57,7 @@ int r; r = pam_vprompt(pamh, PAM_TEXT_INFO, &rsp, fmt, ap); - free(rsp); /* ignore response */ + FREE(rsp); /* ignore response */ return (r); } ==== //depot/projects/openpam/lib/pam_vprompt.c#11 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/pam_vprompt.c#10 $ + * $P4: //depot/projects/openpam/lib/pam_vprompt.c#11 $ */ #include <stdarg.h> @@ -77,7 +77,7 @@ rsp = NULL; r = (conv->conv)(1, &msgp, &rsp, conv->appdata_ptr); *resp = rsp == NULL ? NULL : rsp->resp; - free(rsp); + FREE(rsp); RETURNC(r); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305241745.h4OHjFce087836>