tree-wide: do not use (void) asprintf

asprintf(3) says that the pointer is "undefined" after a failed call.
In the current glibc implementation it is just NULL. In principle the
call could return a valid pointer with bad contents or something.

We have two styles of error handling: in a majority of cases we would
check the return value, but sometimes we used (void) and relied on the
pointer not being set. In practice both styles should be equivalent,
but gcc doesn't like the second one with -Wunused-result. (Though only
sometimes. E.g. on my F34 box I don't get the same warnings as in CI,
even though the compiler version is very similar and the compilation
options are the same…). It's also nice to be consistent in our code base.
So let's always use the first style of error checking.

diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c
index f20606c17ca4fc01110ba9a14d4b3d463cd77b80..4d41834c3f85fc5e7739e2c7311f59817740bb3a 100644 (file)
--- a/src/analyze/analyze-security.c
+++ b/src/analyze/analyze-security.c
@@ -583,11 +583,12 @@ static int assess_system_call_filter(
         assert(a->parameter < _SYSCALL_FILTER_SET_MAX);
         const SyscallFilterSet *f = syscall_filter_sets + a->parameter;
 
-        char *d = NULL;
+        _cleanup_free_ char *d = NULL;
         uint64_t b;
+        int r;
 
         if (!info->system_call_filter_allow_list && set_isempty(info->system_call_filter)) {
-                d = strdup("Service does not filter system calls");
+                r = free_and_strdup(&d, "Service does not filter system calls");
                 b = 10;
         } else {
                 bool bad;
@@ -599,34 +600,33 @@ static int assess_system_call_filter(
 
                 if (info->system_call_filter_allow_list) {
                         if (bad) {
-                                (void) asprintf(&d, "System call allow list defined for service, and %s is included "
-                                                "(e.g. %s is allowed)",
-                                                f->name, offender);
+                                r = asprintf(&d, "System call allow list defined for service, and %s is included "
+                                             "(e.g. %s is allowed)",
+                                             f->name, offender);
                                 b = 9;
                         } else {
-                                (void) asprintf(&d, "System call allow list defined for service, and %s is not included",
-                                                f->name);
+                                r = asprintf(&d, "System call allow list defined for service, and %s is not included",
+                                             f->name);
                                 b = 0;
                         }
                 } else {
                         if (bad) {
-                                (void) asprintf(&d, "System call deny list defined for service, and %s is not included "
-                                                "(e.g. %s is allowed)",
-                                                f->name, offender);
+                                r = asprintf(&d, "System call deny list defined for service, and %s is not included "
+                                             "(e.g. %s is allowed)",
+                                             f->name, offender);
                                 b = 10;
                         } else {
-                                (void) asprintf(&d, "System call deny list defined for service, and %s is included",
-                                                f->name);
+                                r = asprintf(&d, "System call deny list defined for service, and %s is included",
+                                             f->name);
                                 b = 0;
                         }
                 }
         }
-
-        if (!d)
+        if (r < 0)
                 return log_oom();
 
         *ret_badness = b;
-        *ret_description = d;
+        *ret_description = TAKE_PTR(d);
 
         return 0;
 }

diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c
index 23d108d5df397affe43ad0246258289cc2f654df..1ab41c69741552c57a0b0a59031929b516da28ac 100644 (file)
--- a/src/basic/rlimit-util.c
+++ b/src/basic/rlimit-util.c
@@ -300,26 +300,26 @@ int rlimit_parse(int resource, const char *val, struct rlimit *ret) {
 }
 
 int rlimit_format(const struct rlimit *rl, char **ret) {
-        char *s = NULL;
+        _cleanup_free_ char *s = NULL;
+        int r;
 
         assert(rl);
         assert(ret);
 
         if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
-                s = strdup("infinity");
+                r = free_and_strdup(&s, "infinity");
         else if (rl->rlim_cur >= RLIM_INFINITY)
-                (void) asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max);
+                r = asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max);
         else if (rl->rlim_max >= RLIM_INFINITY)
-                (void) asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur);
+                r = asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur);
         else if (rl->rlim_cur == rl->rlim_max)
-                (void) asprintf(&s, RLIM_FMT, rl->rlim_cur);
+                r = asprintf(&s, RLIM_FMT, rl->rlim_cur);
         else
-                (void) asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max);
-
-        if (!s)
+                r = asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max);
+        if (r < 0)
                 return -ENOMEM;
 
-        *ret = s;
+        *ret = TAKE_PTR(s);
         return 0;
 }
 

diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c
index 7483b46a11d7dc79367c0351573c3ed577e0ef10..bdfa145ab7d640bc69c65737cd793ee258dcf2da 100644 (file)
--- a/src/libsystemd/sd-bus/bus-error.c
+++ b/src/libsystemd/sd-bus/bus-error.c
@@ -252,10 +252,15 @@ int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_li
                         return -ENOMEM;
                 }
 
-                /* If we hit OOM on formatting the pretty message, we ignore
-                 * this, since we at least managed to write the error name */
-                if (format)
-                        (void) vasprintf((char**) &e->message, format, ap);
+                if (format) {
+                        _cleanup_free_ char *mesg = NULL;
+
+                        /* If we hit OOM on formatting the pretty message, we ignore
+                         * this, since we at least managed to write the error name */
+
+                        if (vasprintf(&mesg, format, ap) >= 0)
+                                e->message = TAKE_PTR(mesg);
+                }
 
                 e->_need_free = 1;
         }

diff --git a/src/shared/varlink.c b/src/shared/varlink.c
index 6b0b343ae92c7f31c63442c9f4fefe4f41b96a59..3a53c16a724249338bfb6f25932a2ec820ffc30c 100644 (file)
--- a/src/shared/varlink.c
+++ b/src/shared/varlink.c
@@ -2145,7 +2145,9 @@ int varlink_server_add_connection(VarlinkServer *server, int fd, Varlink **ret)
                 v->ucred_acquired = true;
         }
 
-        (void) asprintf(&v->description, "%s-%i", server->description ?: "varlink", v->fd);
+        _cleanup_free_ char *desc = NULL;
+        if (asprintf(&desc, "%s-%i", server->description ?: "varlink", v->fd) >= 0)
+                v->description = TAKE_PTR(desc);
 
         /* Link up the server and the connection, and take reference in both directions. Note that the
          * reference on the connection is left dangling. It will be dropped when the connection is closed,