From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 7 Apr 2010 06:04:19 +0000 (+1200)
Subject: Cleanup: wrap more helpers with safety code
X-Git-Tag: SQUID_3_2_0_1~315
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bb85e4246ed175acafc99a9f234d19fb826c328e;p=thirdparty%2Fsquid.git

Cleanup: wrap more helpers with safety code
---

diff --git a/helpers/basic_auth/LDAP/basic_ldap_auth.cc b/helpers/basic_auth/LDAP/basic_ldap_auth.cc
index 80153a3d0e..c150d2fe02 100644
--- a/helpers/basic_auth/LDAP/basic_ldap_auth.cc
+++ b/helpers/basic_auth/LDAP/basic_ldap_auth.cc
@@ -393,7 +393,7 @@ main(int argc, char **argv)
                 free(ldapServer);
                 ldapServer = newhost;
             } else {
-                ldapServer = strdup(value);
+                ldapServer = xstrdup(value);
             }
             break;
         case 'b':
@@ -513,13 +513,13 @@ main(int argc, char **argv)
             free(ldapServer);
             ldapServer = newhost;
         } else {
-            ldapServer = strdup(value);
+            ldapServer = xstrdup(value);
         }
         argc--;
         argv++;
     }
     if (!ldapServer)
-        ldapServer = strdup("localhost");
+        ldapServer = xstrdup("localhost");
 
     if (!basedn) {
         fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn [options] [ldap_server_name[:port]]...\n\n");
diff --git a/helpers/basic_auth/MSNT/usersfile.c b/helpers/basic_auth/MSNT/usersfile.c
index ce842222a1..7cbdcabd8f 100644
--- a/helpers/basic_auth/MSNT/usersfile.c
+++ b/helpers/basic_auth/MSNT/usersfile.c
@@ -1,4 +1,3 @@
-
 /*
  * usersfile.c
  * (C) 2000 Antonino Iannella, Stellar-X Pty Ltd
@@ -9,8 +8,11 @@
  * The code originated from denyusers.c.
  */
 
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "util.h"
+
 #include <stdio.h>
-#include <stdlib.h>
 #include <string.h>
 #include <syslog.h>
 #include <unistd.h>
@@ -66,7 +68,7 @@ Read_usersfile(const char *path, usersfile * uf)
     } else {
         if (uf->path)
             free(uf->path);
-        uf->path = strdup(path);
+        uf->path = xstrdup(path);
     }
 
     /* Open the users file. Report any errors. */
@@ -113,7 +115,7 @@ Read_usersfile(const char *path, usersfile * uf)
                    '\0',
                    (uf->Alloc >> 1) * sizeof(*uf->names));
         }
-        uf->names[uf->Inuse] = strdup(buf);
+        uf->names[uf->Inuse] = xstrdup(buf);
         uf->Inuse++;
     }
     fclose(fp);
diff --git a/helpers/basic_auth/PAM/basic_pam_auth.cc b/helpers/basic_auth/PAM/basic_pam_auth.cc
index 6a2a31abf6..72e527448c 100644
--- a/helpers/basic_auth/PAM/basic_pam_auth.cc
+++ b/helpers/basic_auth/PAM/basic_pam_auth.cc
@@ -66,7 +66,6 @@
  * Compile this program with: gcc -o basic_pam_auth basic_pam_auth.cc -lpam -ldl
  */
 #define SQUID_NO_ALLOC_PROTECT 1
-#define SQUID_NO_STRING_BUFFER_PROTECT 1
 #include "config.h"
 
 #include "rfc1738.h"
@@ -78,9 +77,6 @@
 #if HAVE_ASSERT_H
 #include <assert.h>
 #endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
 #if HAVE_STRING_H
 #include <string.h>
 #endif
@@ -144,7 +140,7 @@ password_conversation(int num_msg, const struct pam_message **msg, struct pam_re
         fprintf(stderr, "ERROR: Out of memory!\n");
         return PAM_CONV_ERR;
     }
-    (*resp)[0].resp = strdup((char *) appdata_ptr);
+    (*resp)[0].resp = xstrdup((char *) appdata_ptr);
     (*resp)[0].resp_retcode = 0;
 
     return ((*resp)[0].resp ? PAM_SUCCESS : PAM_CONV_ERR);
diff --git a/helpers/basic_auth/SMB/basic_smb_auth.cc b/helpers/basic_auth/SMB/basic_smb_auth.cc
index 497ee52920..c215724dd6 100644
--- a/helpers/basic_auth/SMB/basic_smb_auth.cc
+++ b/helpers/basic_auth/SMB/basic_smb_auth.cc
@@ -40,6 +40,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  */
+#define SQUID_NO_ALLOC_PROTECT 1
 #include "config.h"
 #include "rfc1738.h"
 #include "util.h"
@@ -47,9 +48,6 @@
 #if HAVE_STDIO_H
 #include <stdio.h>
 #endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
 #if HAVE_STRING_H
 #include <string.h>
 #endif
@@ -178,7 +176,7 @@ main(int argc, char *argv[])
         }
         if (strcmp(argv[i], "-S") == 0) {
             if (lastdom != NULL) {
-                if ((lastdom->authshare = strdup(argv[++i])) == NULL)
+                if ((lastdom->authshare = xstrdup(argv[++i])) == NULL)
                     return 1;
 
                 /* convert backslashes to forward slashes */
diff --git a/helpers/digest_auth/eDirectory/edir_ldapext.c b/helpers/digest_auth/eDirectory/edir_ldapext.c
index 1106a38de2..f8a611afb1 100644
--- a/helpers/digest_auth/eDirectory/edir_ldapext.c
+++ b/helpers/digest_auth/eDirectory/edir_ldapext.c
@@ -22,6 +22,8 @@
  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  *
 */
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
 
 #include "digest_common.h"
 
diff --git a/helpers/digest_auth/eDirectory/ldap_backend.c b/helpers/digest_auth/eDirectory/ldap_backend.c
index 3cd5a7815a..e3cc11f612 100644
--- a/helpers/digest_auth/eDirectory/ldap_backend.c
+++ b/helpers/digest_auth/eDirectory/ldap_backend.c
@@ -5,6 +5,8 @@
  * ldap_backend.c
  * AUTHOR: Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
  */
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
 
 #define LDAP_DEPRECATED 1
 
@@ -242,7 +244,7 @@ retrysrch:
                 }
             }
         } else if (userdnattr) {
-            sprintf(searchbase, "%s=%s, %s", userdnattr, login, userbasedn);
+            snprintf(searchbase, 8192, "%s=%s, %s", userdnattr, login, userbasedn);
 
 retrydnattr:
             if (debug)
@@ -302,7 +304,7 @@ retrydnattr:
             if (debug)
                 printf("password: %s\n", password);
             if (password)
-                password = strdup(password);
+                password = xstrdup(password);
             if (edir_universal_passwd) {
                 free(values);
                 free(universal_password);
@@ -468,7 +470,7 @@ LDAPArguments(int argc, char **argv)
                 free(ldapServer);
                 ldapServer = newhost;
             } else {
-                ldapServer = strdup(value);
+                ldapServer = xstrdup(value);
             }
             break;
         case 'A':
@@ -597,7 +599,7 @@ LDAPArguments(int argc, char **argv)
             free(ldapServer);
             ldapServer = newhost;
         } else {
-            ldapServer = strdup(value);
+            ldapServer = xstrdup(value);
         }
         argc--;
         argv++;
@@ -665,7 +667,7 @@ readSecret(const char *filename)
     if ((e = strrchr(buf, '\r')))
         *e = 0;
 
-    bindpasswd = strdup(buf);
+    bindpasswd = xstrdup(buf);
     if (!bindpasswd) {
         fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
     }
diff --git a/helpers/digest_auth/ldap/ldap_backend.c b/helpers/digest_auth/ldap/ldap_backend.c
index 6fa0d16375..c7cd8281fd 100644
--- a/helpers/digest_auth/ldap/ldap_backend.c
+++ b/helpers/digest_auth/ldap/ldap_backend.c
@@ -5,6 +5,9 @@
  * ldap_backend.c
  * AUTHOR: Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
  */
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "util.h"
 
 #define LDAP_DEPRECATED 1
 
@@ -237,7 +240,7 @@ retrysrch:
                 }
             }
         } else if (userdnattr) {
-            sprintf(searchbase, "%s=%s, %s", userdnattr, login, userbasedn);
+            snprintf(searchbase, 8192, "%s=%s, %s", userdnattr, login, userbasedn);
 
 retrydnattr:
             if (debug)
@@ -274,7 +277,7 @@ retrydnattr:
             if (debug)
                 printf("password: %s\n", password);
             if (password)
-                password = strdup(password);
+                password = xstrdup(password);
             ldap_value_free(values);
             ldap_msgfree(res);
             return password;
@@ -435,7 +438,7 @@ LDAPArguments(int argc, char **argv)
                 free(ldapServer);
                 ldapServer = newhost;
             } else {
-                ldapServer = strdup(value);
+                ldapServer = xstrdup(value);
             }
             break;
         case 'A':
@@ -561,7 +564,7 @@ LDAPArguments(int argc, char **argv)
             free(ldapServer);
             ldapServer = newhost;
         } else {
-            ldapServer = strdup(value);
+            ldapServer = xstrdup(value);
         }
         argc--;
         argv++;
@@ -628,7 +631,7 @@ readSecret(const char *filename)
     if ((e = strrchr(buf, '\r')))
         *e = 0;
 
-    bindpasswd = strdup(buf);
+    bindpasswd = xstrdup(buf);
     if (!bindpasswd) {
         fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
     }
diff --git a/helpers/external_acl/ldap_group/squid_ldap_group.c b/helpers/external_acl/ldap_group/squid_ldap_group.c
index 7420980562..3ed81fc2d0 100644
--- a/helpers/external_acl/ldap_group/squid_ldap_group.c
+++ b/helpers/external_acl/ldap_group/squid_ldap_group.c
@@ -32,6 +32,8 @@
  * as published by the Free Software Foundation; either version 2,
  * or (at your option) any later version.
  */
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
 
 #define LDAP_DEPRECATED 1
 
@@ -40,7 +42,6 @@
 
 #include <stdio.h>
 #include <string.h>
-#include <stdlib.h>
 #include <ctype.h>
 
 #ifdef _SQUID_MSWIN_		/* Native Windows port and MinGW */
@@ -264,7 +265,7 @@ main(int argc, char **argv)
                 free(ldapServer);
                 ldapServer = newhost;
             } else {
-                ldapServer = strdup(value);
+                ldapServer = xstrdup(value);
             }
             break;
         case 'b':
@@ -393,7 +394,7 @@ main(int argc, char **argv)
             free(ldapServer);
             ldapServer = newhost;
         } else {
-            ldapServer = strdup(value);
+            ldapServer = xstrdup(value);
         }
         argc--;
         argv++;
@@ -789,9 +790,9 @@ searchLDAP(LDAP * ld, char *group, char *login, char *extension_dn)
     } else if (userdnattr) {
         char dn[8192];
         if (extension_dn && *extension_dn)
-            sprintf(dn, "%s=%s, %s, %s", userdnattr, login, extension_dn, userbasedn ? userbasedn : basedn);
+            snprintf(dn, 8192, "%s=%s, %s, %s", userdnattr, login, extension_dn, userbasedn ? userbasedn : basedn);
         else
-            sprintf(dn, "%s=%s, %s", userdnattr, login, userbasedn ? userbasedn : basedn);
+            snprintf(dn, 8192, "%s=%s, %s", userdnattr, login, userbasedn ? userbasedn : basedn);
         return searchLDAPGroup(ld, group, dn, extension_dn);
     } else {
         return searchLDAPGroup(ld, group, login, extension_dn);
@@ -821,7 +822,7 @@ readSecret(const char *filename)
     if ((e = strrchr(buf, '\r')))
         *e = 0;
 
-    bindpasswd = strdup(buf);
+    bindpasswd = xstrdup(buf);
     if (!bindpasswd) {
         fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
     }