From owner-freebsd-audit Mon Dec 4 3:58:38 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 03:58:30 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 485A337B401 for ; Mon, 4 Dec 2000 03:58:29 -0800 (PST) Received: from earth.causticlabs.com (oca-c1s1-23.mfi.net [209.26.94.24]) by peitho.fxp.org (Postfix) with ESMTP id 1A7A51360E for ; Mon, 4 Dec 2000 06:58:30 -0500 (EST) Received: by earth.causticlabs.com (Postfix, from userid 1000) id C522C1F23; Mon, 4 Dec 2000 06:58:53 -0500 (EST) Date: Mon, 4 Dec 2000 06:58:53 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: config(8) patch (again) Message-ID: <20001204065853.A8036@earth.causticlabs.com> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: jedgar@earth.causticlabs.com Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG See below for a patch to config to properly check the return values of malloc(), strdup(), and asprintf() calls. The ns() define (#define ns(s) strdup(s)) has been converted to a 'safe' strdup function, resulting in fewer actual line changes. Also, I have quite a few small patches for review at: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: config.h =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/config.h,v retrieving revision 1.39 diff -u -r1.39 config.h --- config.h 2000/09/29 13:30:24 1.39 +++ config.h 2000/12/01 19:41:41 @@ -145,6 +145,7 @@ void options(void); void makefile(void); void headers(void); +char *ns(const char *); extern struct device *dtab; @@ -162,4 +163,3 @@ extern char srcdir[]; /* root of the kernel source tree */ #define eq(a,b) (!strcmp(a,b)) -#define ns(s) strdup(s) Index: config.y =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/config.y,v retrieving revision 1.46 diff -u -r1.46 config.y --- config.y 2000/10/14 08:33:19 1.46 +++ config.y 2000/12/01 19:41:41 @@ -82,8 +82,6 @@ char errbuf[80]; int maxusers; -#define ns(s) strdup(s) - static void yyerror(char *s); @@ -131,6 +129,8 @@ = { struct cputype *cp = (struct cputype *)malloc(sizeof (struct cputype)); + if (!cp) + err(1, "out of memory"); memset(cp, 0, sizeof(*cp)); cp->cpu_name = $2; cp->cpu_next = cputype; @@ -165,6 +165,8 @@ Save_id = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = ns("KERNEL"); op->op_ownfile = 0; @@ -190,6 +192,8 @@ = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); char *s; + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_next = opt; @@ -209,6 +213,8 @@ Save_id EQUALS Opt_value = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_next = opt; @@ -243,6 +249,8 @@ Save_id EQUALS Opt_value = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_ownfile = 0; /* for now */ @@ -291,6 +299,8 @@ struct device *np; np = (struct device *) malloc(sizeof *np); + if (!np) + err(1, "out of memory"); memset(np, 0, sizeof(*np)); *np = *dp; np->d_name = dp->d_name; Index: lang.l =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/lang.l,v retrieving revision 1.29 diff -u -r1.29 lang.l --- lang.l 2000/10/14 08:33:19 1.29 +++ lang.l 2000/12/01 19:41:41 @@ -80,7 +80,7 @@ BEGIN 0; if ((i = kw_lookup(yytext)) == -1) { - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } return i; @@ -96,25 +96,25 @@ } {ID} { BEGIN 0; - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } \\\"[^"]+\\\" { BEGIN 0; yytext[yyleng-2] = '"'; yytext[yyleng-1] = '\0'; - yylval.str = strdup(yytext + 1); + yylval.str = ns(yytext + 1); return ID; } \"[^"]+\" { BEGIN 0; yytext[yyleng-1] = '\0'; - yylval.str = strdup(yytext + 1); + yylval.str = ns(yytext + 1); return ID; } [^# \t\n]* { BEGIN 0; - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } 0[0-7]* { Index: main.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/main.c,v retrieving revision 1.41 diff -u -r1.41 main.c --- main.c 2000/11/21 19:58:55 1.41 +++ main.c 2000/12/01 19:41:42 @@ -345,10 +345,13 @@ { char *cp = NULL; - if (file) + if (file) { asprintf(&cp, "%s/%s", destdir, file); - else - cp = strdup(destdir); + if (cp == NULL) + err(1, "out of memory"); + } else { + cp = ns(destdir); + } return (cp); } @@ -442,4 +445,14 @@ if (unlink(from_name) < 0) err(EX_OSERR, "unlink(%s)", from_name); } +} + +char * +ns(const char *s) +{ + char *retval; + + if ((retval = strdup(s)) == NULL) + err(1, "out of memory"); + return retval; } Index: mkheaders.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkheaders.c,v retrieving revision 1.17 diff -u -r1.17 mkheaders.c --- mkheaders.c 2000/11/21 19:58:55 1.17 +++ mkheaders.c 2000/12/01 19:41:42 @@ -148,6 +148,8 @@ if (cp == (char *)EOF) break; fl = (struct file_list *) malloc(sizeof *fl); + if (!fl) + err(1, "out of memory"); bzero(fl, sizeof(*fl)); fl->f_fn = inw; /* malloced */ fl->f_type = inc; @@ -165,6 +167,8 @@ } if (oldcount == -1) { fl = (struct file_list *) malloc(sizeof *fl); + if (!fl) + err(1, "out of memory"); bzero(fl, sizeof(*fl)); fl->f_fn = ns(name); fl->f_type = count; Index: mkmakefile.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkmakefile.c,v retrieving revision 1.57 diff -u -r1.57 mkmakefile.c --- mkmakefile.c 2000/11/25 03:25:34 1.57 +++ mkmakefile.c 2000/12/01 19:41:42 @@ -119,6 +119,8 @@ struct file_list *fp; fp = (struct file_list *) malloc(sizeof *fp); + if (!fp) + err(1, "out of memory"); bzero(fp, sizeof *fp); if (fcur == 0) fcur = ftab = fp; @@ -492,6 +494,8 @@ } if (std) { dp = (struct device *) malloc(sizeof *dp); + if (!dp) + err(1, "out of memory"); bzero(dp, sizeof *dp); dp->d_type = DEVICE; dp->d_name = ns(wd); Index: mkoptions.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkoptions.c,v retrieving revision 1.21 diff -u -r1.21 mkoptions.c --- mkoptions.c 2000/11/21 19:58:55 1.21 +++ mkoptions.c 2000/12/01 19:41:42 @@ -81,6 +81,8 @@ /* Fake the cpu types as options. */ for (cp = cputype; cp != NULL; cp = cp->cpu_next) { op = (struct opt *)malloc(sizeof(*op)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = ns(cp->cpu_name); op->op_next = opt; @@ -104,6 +106,8 @@ /* Fake MAXUSERS as an option. */ op = (struct opt *)malloc(sizeof(*op)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = "MAXUSERS"; snprintf(buf, sizeof(buf), "%d", maxusers); @@ -218,6 +222,8 @@ tidy++; } else { op = (struct opt *) malloc(sizeof *op); + if (!op) + err(1, "out of memory"); bzero(op, sizeof(*op)); op->op_name = inw; op->op_value = invalue; @@ -245,6 +251,8 @@ if (value && !seen) { /* New option appears */ op = (struct opt *) malloc(sizeof *op); + if (!op) + err(1, "out of memory"); bzero(op, sizeof(*op)); op->op_name = ns(name); op->op_value = value ? ns(value) : NULL; @@ -368,6 +376,8 @@ } po = (struct opt_list *) malloc(sizeof *po); + if (!po) + err(1, "out of memory"); bzero(po, sizeof(*po)); po->o_name = this; po->o_file = val; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message