From nobody Fri Nov 18 16:00:53 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NDM2Y4Kwgz4hlcg; Fri, 18 Nov 2022 16:00:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NDM2Y3fzmz40TT; Fri, 18 Nov 2022 16:00:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668787253; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YivkctHlvGAx90vzXITPCRcWoRyA5taB9V8i9bPHJhk=; b=LcGBuTfib+QCAG7vqDurmbd7fEh5hb5U8LQZykuW31WVReimIcXZBrZLUsB1yyR4N61NRT yUR6w+7mHulJQYKT0/Q2HmAa+qNGqZ7YaElEeJgGhbnv4nb5nmnD4B2AhAXRyEVzZ2a55P 8czaMMaeHyjOlqMMVEZHkqHsWRgHCq8W4qAapOWL9FGGK34PN5e0V2F+1fYbsJxZeXIcw4 24knkRDenntVv8Ylxa5bdUSySssBJ7acorGjC7hivNDeCc5nOmmFLXytO7J72to33zz15u ho6+m9taFxL3rWn/HedEj8jf4P73RVq89MQqMf1OHc6NcIA1f369t+RnPNwucg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1668787253; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YivkctHlvGAx90vzXITPCRcWoRyA5taB9V8i9bPHJhk=; b=Nc1AiPLHdX7wcsKWM3goyUyYBiOggkbo0vvNRrb2sbVarxEHiAGZb7K8yqcnO7VSI9s2Ib emoHzeYtyr8V0R6HG5d89WUTtctMDIsYnFxPENAbxr4E47uVik+F5N7nosrPcy+X7fqxq/ xirXNCO1ikG9CXHAGzj2p/EpzhXG+0JsMzZaWEIgWk1OGB6MGVWULb8k/ErSU6BepixPZe YqHzFlQZq1VzXWySaEEknYuFXxpTAxC/sZF10pi0sPJgc9uFa6Ie1x3ukSB8jm8TQPutHa 9KAcbSRZst39MpiMSRbDXsmD1Zf47Cw5jL1fRfGxNBshfpAGfx24rg9cudsuZQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1668787253; a=rsa-sha256; cv=none; b=rBBHUHEIYgaLJhZDVjwPPVzAXSyeznvJx3aJ1eqw9PbO0PGQMg7mSR66JeyBFJGrqvegpG 5+1jEZpo49CnxB9FiWJ+77qRhXYrDxNPLi3OZwSfGr8msPvE+ZSiXvy7/nNhvBe5Kimkcz jNZw3zQYvvxoIBG1v9o8Rql/haua5s7NwWNzOx4t9Pbleo4eygwIXkzxehJ6Z5DQS9Kut8 eFOXuKOjJ6yMV/siqHuJset66qXtTQC7YKQKWD/slvJ/FoZLIKMBaQRt6icWPke9d+UV9k Vl9qCJRGeBRB6LYjZILngwPutTlHWU9yukCwUeUjnAstlIpH6YQFWW1qQAm9KQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NDM2Y2kXzz1QxH; Fri, 18 Nov 2022 16:00:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2AIG0rYJ025135; Fri, 18 Nov 2022 16:00:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2AIG0rWI025134; Fri, 18 Nov 2022 16:00:53 GMT (envelope-from git) Date: Fri, 18 Nov 2022 16:00:53 GMT Message-Id: <202211181600.2AIG0rWI025134@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: =?utf-8?Q?Dag-Erling=20Sm=C3=B8rgrav?= Subject: git: b15e052e7415 - main - tftpd: Plug memory leaks in option handling code. List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: b15e052e7415266b18bae08245109ee5dc7a4681 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=b15e052e7415266b18bae08245109ee5dc7a4681 commit b15e052e7415266b18bae08245109ee5dc7a4681 Author: Dag-Erling Smørgrav AuthorDate: 2022-11-18 15:39:15 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2022-11-18 15:39:44 +0000 tftpd: Plug memory leaks in option handling code. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D37423 --- libexec/tftpd/tftp-io.c | 2 +- libexec/tftpd/tftp-options.c | 79 ++++++++++++++++++++++++++++++++++++-------- libexec/tftpd/tftp-options.h | 5 +++ usr.bin/tftp/main.c | 26 ++++++--------- 4 files changed, 82 insertions(+), 30 deletions(-) diff --git a/libexec/tftpd/tftp-io.c b/libexec/tftpd/tftp-io.c index 245d73ffb871..4504946e910f 100644 --- a/libexec/tftpd/tftp-io.c +++ b/libexec/tftpd/tftp-io.c @@ -258,7 +258,7 @@ send_rrq(int peer, char *filename, char *mode) size += strlen(mode) + 1; if (options_rfc_enabled) { - options[OPT_TSIZE].o_request = strdup("0"); + options_set_request(OPT_TSIZE, "0"); size += make_options(peer, bp, sizeof(buf) - size); } diff --git a/libexec/tftpd/tftp-options.c b/libexec/tftpd/tftp-options.c index 01c47e66e9a5..cc902c7d2110 100644 --- a/libexec/tftpd/tftp-options.c +++ b/libexec/tftpd/tftp-options.c @@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include #include @@ -64,6 +65,62 @@ struct options options[] = { int options_rfc_enabled = 1; int options_extra_enabled = 1; +int +options_set_request(enum opt_enum opt, const char *fmt, ...) +{ + va_list ap; + char *str; + int ret; + + if (fmt == NULL) { + str = NULL; + } else { + va_start(ap, fmt); + ret = vasprintf(&str, fmt, ap); + va_end(ap); + if (ret < 0) + return (ret); + } + if (options[opt].o_request != NULL && + options[opt].o_request != options[opt].o_reply) + free(options[opt].o_request); + options[opt].o_request = str; + return (0); +} + +int +options_set_reply(enum opt_enum opt, const char *fmt, ...) +{ + va_list ap; + char *str; + int ret; + + if (fmt == NULL) { + str = NULL; + } else { + va_start(ap, fmt); + ret = vasprintf(&str, fmt, ap); + va_end(ap); + if (ret < 0) + return (ret); + } + if (options[opt].o_reply != NULL && + options[opt].o_reply != options[opt].o_request) + free(options[opt].o_reply); + options[opt].o_reply = str; + return (0); +} + +static void +options_set_reply_equal_request(enum opt_enum opt) +{ + + if (options[opt].o_reply != NULL && + options[opt].o_reply != options[opt].o_request) + free(options[opt].o_reply); + options[opt].o_reply = options[opt].o_request; +} + /* * Rules for the option handlers: * - If there is no o_request, there will be no processing. @@ -90,12 +147,10 @@ option_tsize(int peer __unused, struct tftphdr *tp __unused, int mode, return (0); if (mode == RRQ) - asprintf(&options[OPT_TSIZE].o_reply, - "%ju", (uintmax_t)stbuf->st_size); + options_set_reply(OPT_TSIZE, "%ju", stbuf->st_size); else /* XXX Allows writes of all sizes. */ - options[OPT_TSIZE].o_reply = - strdup(options[OPT_TSIZE].o_request); + options_set_reply_equal_request(OPT_TSIZE); return (0); } @@ -119,8 +174,7 @@ option_timeout(int peer) exit(1); } else { timeoutpacket = to; - options[OPT_TIMEOUT].o_reply = - strdup(options[OPT_TIMEOUT].o_request); + options_set_reply_equal_request(OPT_TIMEOUT); } settimeouts(timeoutpacket, timeoutnetwork, maxtimeouts); @@ -151,8 +205,7 @@ option_rollover(int peer) } return (0); } - options[OPT_ROLLOVER].o_reply = - strdup(options[OPT_ROLLOVER].o_request); + options_set_reply_equal_request(OPT_ROLLOVER); if (debug & DEBUG_OPTIONS) tftp_log(LOG_DEBUG, "Setting rollover to '%s'", @@ -212,7 +265,7 @@ option_blksize(int peer) } } - asprintf(&options[OPT_BLKSIZE].o_reply, "%d", size); + options_set_reply(OPT_BLKSIZE, "%d", size); segsize = size; pktsize = size + 4; if (debug & DEBUG_OPTIONS) @@ -266,7 +319,7 @@ option_blksize2(int peer __unused) /* No need to return */ } - asprintf(&options[OPT_BLKSIZE2].o_reply, "%d", size); + options_set_reply(OPT_BLKSIZE2, "%d", size); segsize = size; pktsize = size + 4; if (debug & DEBUG_OPTIONS) @@ -301,7 +354,7 @@ option_windowsize(int peer) } /* XXX: Should force a windowsize of 1 for non-seekable files. */ - asprintf(&options[OPT_WINDOWSIZE].o_reply, "%d", size); + options_set_reply(OPT_WINDOWSIZE, "%d", size); windowsize = size; if (debug & DEBUG_OPTIONS) @@ -391,7 +444,7 @@ parse_options(int peer, char *buffer, uint16_t size) for (i = 0; options[i].o_type != NULL; i++) { if (strcmp(option, options[i].o_type) == 0) { if (!acting_as_client) - options[i].o_request = value; + options_set_request(i, "%s", value); if (!options_extra_enabled && !options[i].rfc) { tftp_log(LOG_INFO, "Option '%s' with value '%s' found " @@ -422,5 +475,5 @@ void init_options(void) { - options[OPT_ROLLOVER].o_request = strdup("0"); + options_set_request(OPT_ROLLOVER, "0"); } diff --git a/libexec/tftpd/tftp-options.h b/libexec/tftpd/tftp-options.h index cb387dba46c0..569d88d3c6d1 100644 --- a/libexec/tftpd/tftp-options.h +++ b/libexec/tftpd/tftp-options.h @@ -64,3 +64,8 @@ enum opt_enum { OPT_ROLLOVER, OPT_WINDOWSIZE, }; + +int options_set_request(enum opt_enum, const char *, ...) + __printflike(2, 3); +int options_set_reply(enum opt_enum, const char *, ...) + __printflike(2, 3); diff --git a/usr.bin/tftp/main.c b/usr.bin/tftp/main.c index b6d7bd2a0dcc..cfd486fb8418 100644 --- a/usr.bin/tftp/main.c +++ b/usr.bin/tftp/main.c @@ -496,7 +496,7 @@ put(int argc, char *argv[]) close(fd); return; } - asprintf(&options[OPT_TSIZE].o_request, "%ju", sb.st_size); + options_set_request(OPT_TSIZE, "%ju", (uintmax_t)sb.st_size); if (verbose) printf("putting %s to %s:%s [%s]\n", @@ -524,7 +524,7 @@ put(int argc, char *argv[]) free(path); continue; } - asprintf(&options[OPT_TSIZE].o_request, "%ju", sb.st_size); + options_set_request(OPT_TSIZE, "%ju", (uintmax_t)sb.st_size); if (verbose) printf("putting %s to %s:%s [%s]\n", @@ -926,16 +926,13 @@ setrollover(int argc, char *argv[]) if (argc == 2) { if (strcasecmp(argv[1], "never") == 0 || strcasecmp(argv[1], "none") == 0) { - free(options[OPT_ROLLOVER].o_request); - options[OPT_ROLLOVER].o_request = NULL; + options_set_request(OPT_ROLLOVER, NULL); } if (strcasecmp(argv[1], "1") == 0) { - free(options[OPT_ROLLOVER].o_request); - options[OPT_ROLLOVER].o_request = strdup("1"); + options_set_request(OPT_ROLLOVER, "1"); } if (strcasecmp(argv[1], "0") == 0) { - free(options[OPT_ROLLOVER].o_request); - options[OPT_ROLLOVER].o_request = strdup("0"); + options_set_request(OPT_ROLLOVER, "0"); } } printf("Support for the rollover options is %s.\n", @@ -1001,10 +998,9 @@ setblocksize(int argc, char *argv[]) printf("Blocksize can't be bigger than %ld bytes due " "to the net.inet.udp.maxdgram sysctl limitation.\n", maxdgram - 4); - asprintf(&options[OPT_BLKSIZE].o_request, - "%ld", maxdgram - 4); + options_set_request(OPT_BLKSIZE, "%ld", maxdgram - 4); } else { - asprintf(&options[OPT_BLKSIZE].o_request, "%d", size); + options_set_request(OPT_BLKSIZE, "%d", size); } } printf("Blocksize is now %s bytes.\n", options[OPT_BLKSIZE].o_request); @@ -1057,10 +1053,9 @@ setblocksize2(int argc, char *argv[]) for (i = 0; sizes[i+1] != 0; i++) { if ((int)maxdgram < sizes[i+1]) break; } - asprintf(&options[OPT_BLKSIZE2].o_request, - "%d", sizes[i]); + options_set_request(OPT_BLKSIZE2, "%d", sizes[i]); } else { - asprintf(&options[OPT_BLKSIZE2].o_request, "%d", size); + options_set_request(OPT_BLKSIZE2, "%d", size); } } printf("Blocksize2 is now %s bytes.\n", @@ -1094,8 +1089,7 @@ setwindowsize(int argc, char *argv[]) "blocks.\n", WINDOWSIZE_MIN, WINDOWSIZE_MAX); return; } else { - asprintf(&options[OPT_WINDOWSIZE].o_request, "%d", - size); + options_set_request(OPT_WINDOWSIZE, "%d", size); } } printf("Windowsize is now %s blocks.\n",