lsfd: remove strcpy(), keep things based on sizeof()

* use safe xstrncpy() rather than strcpy()
* use sizeof() for static buffers rather than macro with real size
  (this solution is more robust for future code changes)
* use xcalloc() to zeroize allocated memory

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/misc-utils/lsfd-filter.c b/misc-utils/lsfd-filter.c
index 55adb23afd14666726328eafe5117b637a4f9d55..3f5ba1fea072717833be084218d29153bd56334b 100644 (file)
--- a/misc-utils/lsfd-filter.c
+++ b/misc-utils/lsfd-filter.c
@@ -95,8 +95,7 @@ struct parser {
        struct libscols_column *(*add_column_by_id)(struct libscols_table *, int, void*);
        void *data;
        struct parameter *parameters;
-#define ERRMSG_LEN 128
-       char errmsg[ERRMSG_LEN];
+       char errmsg[128];
 };
 
 enum node_type {
@@ -164,7 +163,7 @@ struct lsfd_filter {
        struct node  *node;
        struct parameter *parameters;
        int nparams;
-       char errmsg[ERRMSG_LEN];
+       char errmsg[ sizeof_member(struct parser, errmsg) ];
 };
 
 /*
@@ -414,7 +413,7 @@ static void parser_read_str(struct parser *parser, struct token *token, char del
                char c = parser_getc(parser);
 
                if (c == '\0') {
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: string literal is not terminated: %s"),
                                 token->val.str? : "");
                        return;
@@ -508,7 +507,7 @@ static struct token *parser_read(struct parser *parser)
                t->type = TOKEN_CLOSE;
                parser->paren_level--;
                if (parser->paren_level < 0)
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: unbalanced parenthesis: %s"), parser->cursor - 1);
                break;
        case '!':
@@ -557,7 +556,7 @@ static struct token *parser_read(struct parser *parser)
                        t->val.op2 = OP2_RE_MATCH;
                        break;
                }
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected character %c after ="), c0);
                break;
        case '&':
@@ -567,7 +566,7 @@ static struct token *parser_read(struct parser *parser)
                        t->val.op2 = OP2_AND;
                        break;
                }
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected character %c after ="), c0);
                break;
        case '|':
@@ -577,7 +576,7 @@ static struct token *parser_read(struct parser *parser)
                        t->val.op2 = OP2_OR;
                        break;
                }
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected character %c after ="), c0);
                break;
        case '"':
@@ -638,11 +637,11 @@ static struct token *parser_read(struct parser *parser)
                        t->type = TOKEN_DEC;
                        xstrputc(&t->val.str, c);
                        if (parser_read_dec(parser, t) != 0)
-                               snprintf(parser->errmsg, ERRMSG_LEN,
+                               snprintf(parser->errmsg, sizeof(parser->errmsg),
                                         _("error: failed to convert input to number"));
                        break;
                }
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected character %c"), c);
                break;
        }
@@ -697,7 +696,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
                case TOKEN_FALSE:
                case TOKEN_OPEN:
                case TOKEN_OP1:
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: unexpected token: %s after %s"), t->val.str,
                                 NODE_CLASS(last)->name);
                        token_free(t);
@@ -708,7 +707,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
        } else {
                switch (t->type) {
                case TOKEN_OP2:
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: empty left side expression: %s"),
                                 TOKEN_OP2_CLASS(t)->name);
                        token_free(t);
@@ -723,7 +722,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
        case TOKEN_NAME: {
                int col_id = parser->column_name_to_id(t->val.str, parser->data);
                if (col_id == LSFD_FILTER_UNKNOWN_COL_ID) {
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: no such column: %s"), t->val.str);
                        token_free(t);
                        return NULL;
@@ -734,7 +733,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
                if (!cl) {
                        cl = parser->add_column_by_id(parser->tb, col_id, parser->data);
                        if (!cl) {
-                               snprintf(parser->errmsg, ERRMSG_LEN,
+                               snprintf(parser->errmsg, sizeof(parser->errmsg),
                                         _("error: cannot add a column to table: %s"), t->val.str);
                                token_free(t);
                                return NULL;
@@ -756,7 +755,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
                        ntype = NODE_BOOL;
                        break;
                default:
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: unsupported column data type: %d, column: %s"),
                                 jtype, t->val.str);
                        return NULL;
@@ -801,7 +800,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
                }
 
                if (op1_right == NULL) {
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: empty right side expression: %s"),
                                 op1_class->name);
                        return NULL;
@@ -831,7 +830,7 @@ static struct node *dparser_compile1(struct parser *parser, struct node *last)
                        return NULL;
                }
                if (op2_right == NULL) {
-                       snprintf(parser->errmsg, ERRMSG_LEN,
+                       snprintf(parser->errmsg, sizeof(parser->errmsg),
                                 _("error: empty right side expression: %s"),
                                 op2_class->name);
                        return NULL;
@@ -871,9 +870,9 @@ static struct node *dparser_compile(struct parser *parser)
 
                if (node == node0) {
                        if (node == NULL)
-                               strncpy(parser->errmsg,
+                               xstrncpy(parser->errmsg,
                                        _("error: empty filter expression"),
-                                       ERRMSG_LEN - 1);
+                                       sizeof(parser->errmsg));
                        return node;
                }
                node = node0;
@@ -1073,7 +1072,7 @@ static bool op1_check_type_bool_or_op(struct parser* parser, struct op1_class *o
                                      struct node *node)
 {
        if (! (node->type == NODE_OP1 || node->type == NODE_OP2 || node->type == NODE_BOOL)) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected operand type %s for: %s"),
                         NODE_CLASS(node)->name,
                         op1_class->name);
@@ -1196,7 +1195,7 @@ static bool op2_check_type_boolean_or_op(struct parser* parser, struct op2_class
        enum node_type lt = left->type, rt = right->type;
 
        if (!(lt == NODE_OP1 || lt == NODE_OP2 || lt == NODE_BOOL)) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected left operand type %s for: %s"),
                         NODE_CLASS(left)->name,
                         op2_class->name);
@@ -1204,7 +1203,7 @@ static bool op2_check_type_boolean_or_op(struct parser* parser, struct op2_class
        }
 
        if (! (rt == NODE_OP1 || rt == NODE_OP2 || rt == NODE_BOOL)) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected right operand type %s for: %s"),
                         NODE_CLASS(right)->name,
                         op2_class->name);
@@ -1229,7 +1228,7 @@ static bool op2_check_type_num(struct parser* parser, struct op2_class *op2_clas
                               struct node *left, struct node *right)
 {
        if (left->type != NODE_NUM) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected left operand type %s for: %s"),
                         NODE_CLASS(left)->name,
                         op2_class->name);
@@ -1237,7 +1236,7 @@ static bool op2_check_type_num(struct parser* parser, struct op2_class *op2_clas
        }
 
        if (right->type != NODE_NUM) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected right operand type %s for: %s"),
                         NODE_CLASS(right)->name,
                         op2_class->name);
@@ -1251,7 +1250,7 @@ static bool op2_check_type_re(struct parser* parser, struct op2_class *op2_class
                              struct node *left, struct node *right)
 {
        if (left->type != NODE_STR) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected left operand type %s for: %s"),
                         NODE_CLASS(left)->name,
                         op2_class->name);
@@ -1259,14 +1258,14 @@ static bool op2_check_type_re(struct parser* parser, struct op2_class *op2_class
        }
 
        if (right->type != NODE_STR) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: unexpected right operand type %s for: %s"),
                         NODE_CLASS(right)->name,
                         op2_class->name);
                return false;
        }
        if (PINDEX(right) >= 0) {
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: string literal is expected as right operand for: %s"),
                         op2_class->name);
                return false;
@@ -1282,7 +1281,7 @@ static bool op2_check_type_re(struct parser* parser, struct op2_class *op2_class
 
                regerror(err, &VAL(right, re), buf, size);
 
-               snprintf(parser->errmsg, ERRMSG_LEN,
+               snprintf(parser->errmsg, sizeof(parser->errmsg),
                         _("error: could not compile regular expression %s: %s"),
                         regex, buf);
                free(buf);
@@ -1310,28 +1309,27 @@ struct lsfd_filter *lsfd_filter_new(const char *const expr, struct libscols_tabl
                    data);
 
        node = dparser_compile(&parser);
+       filter = xcalloc(1, sizeof(struct lsfd_filter));
 
-       filter = xmalloc(sizeof(struct lsfd_filter));
-       filter->errmsg[0] = '\0';
        if (GOT_ERROR(&parser)) {
-               strcpy(filter->errmsg, parser.errmsg);
+               xstrncpy(filter->errmsg, parser.errmsg, sizeof(filter->errmsg));
                return filter;
        }
        assert(node);
        if (parser.paren_level > 0) {
                node_free(node);
-               strncpy(filter->errmsg, _("error: unbalanced parenthesis: ("), ERRMSG_LEN - 1);
+               xstrncpy(filter->errmsg, _("error: unbalanced parenthesis: ("), sizeof(filter->errmsg));
                return filter;
        }
        if (*parser.cursor  != '\0') {
                node_free(node);
-               snprintf(filter->errmsg, ERRMSG_LEN,
+               snprintf(filter->errmsg, sizeof(filter->errmsg),
                         _("error: garbage at the end of expression: %s"), parser.cursor);
                return filter;
        }
        if (node->type == NODE_STR || node->type == NODE_NUM) {
                node_free(node);
-               snprintf(filter->errmsg, ERRMSG_LEN,
+               snprintf(filter->errmsg, sizeof(filter->errmsg),
                         _("error: bool expression is expected: %s"), expr);
                return filter;
        }

diff --git a/misc-utils/lsfd-sock-xinfo.c b/misc-utils/lsfd-sock-xinfo.c
index aae4e84df7793e8516b9d3fb598d04c8a8ff4ed3..3795d290d30eb59477c7c07c732cd0e2dd5ea009 100644 (file)
--- a/misc-utils/lsfd-sock-xinfo.c
+++ b/misc-utils/lsfd-sock-xinfo.c
@@ -367,10 +367,10 @@ static void load_xinfo_from_proc_unix(ino_t netns_inode)
                uint32_t type;
                unsigned int st;
                unsigned long inode;
-               char path[1 + UNIX_PATH_MAX +1];
                struct unix_xinfo *ux;
+               char path[ sizeof_member(struct unix_xinfo, path) ] = { 0 };
+
 
-               memset(path, 0, sizeof(path));
                if (sscanf(line, "%*x: %*x %*x %" SCNx64 " %x %x %lu %s",
                           &flags, &type, &st, &inode, path) < 4)
                        continue;
@@ -378,7 +378,7 @@ static void load_xinfo_from_proc_unix(ino_t netns_inode)
                if (inode == 0)
                        continue;
 
-               ux = xmalloc(sizeof(struct unix_xinfo));
+               ux = xcalloc(1, sizeof(struct unix_xinfo));
                ux->sock.class = &unix_xinfo_class;
                ux->sock.inode = (ino_t)inode;
                ux->sock.netns_inode = netns_inode;
@@ -386,7 +386,7 @@ static void load_xinfo_from_proc_unix(ino_t netns_inode)
                ux->acceptcon = !!flags;
                ux->type = type;
                ux->st = st;
-               strcpy(ux->path, path);
+               xstrncpy(ux->path, path, sizeof(ux->path));
 
                add_sock_info((struct sock_xinfo *)ux);
        }
@@ -658,7 +658,7 @@ static void load_xinfo_from_proc_inet_L3(ino_t netns_inode, const char *proc_fil
                if (inode == 0)
                        continue;
 
-               tcp = xmalloc(sizeof(struct tcp_xinfo));
+               tcp = xcalloc(1, sizeof(struct tcp_xinfo));
                inet = (struct inet_xinfo *)tcp;
                sock = (struct sock_xinfo *)inet;
                sock->class = class;