From: Steffan Karger Date: Mon, 21 Sep 2015 18:48:33 +0000 (+0200) Subject: Replace strdup() calls for string_alloc() calls X-Git-Tag: v2.4_alpha1~240 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ddc7692d245017c71adc40ad5cc195617e39fce0;p=thirdparty%2Fopenvpn.git Replace strdup() calls for string_alloc() calls As reported by Bill Parker in trac #600, strdup() return values are not always correctly checked for failed allocations. This patch adds missing checks by using string_alloc(), which performs the required checks. Signed-off-by: Steffan Karger Acked-by: Gert Doering Message-Id: <561130FC.8090008@karger.me> URL: http://article.gmane.org/gmane.network.openvpn.devel/10176 Signed-off-by: Gert Doering --- diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 0dc511b0f..24f52aa38 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -898,7 +898,7 @@ gc_reset (struct gc_arena *a) } static inline void -check_malloc_return (void *p) +check_malloc_return (const void *p) { if (!p) out_of_memory (); diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c index b7fc11e07..1d54ee727 100644 --- a/src/openvpn/cryptoapi.c +++ b/src/openvpn/cryptoapi.c @@ -46,6 +46,8 @@ #include #include +#include "buffer.h" + /* MinGW w32api 3.17 is still incomplete when it comes to CryptoAPI while * MinGW32-w64 defines all macros used. This is a hack around that problem. */ @@ -116,7 +118,7 @@ static char *ms_error_text(DWORD ms_err) (LPTSTR) &lpMsgBuf, 0, NULL); if (lpMsgBuf) { char *p; - rv = strdup(lpMsgBuf); + rv = string_alloc(lpMsgBuf, NULL); LocalFree(lpMsgBuf); /* trim to the left */ if (rv) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index f568d8745..3decd2367 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -822,7 +822,7 @@ void init_options_dev (struct options *options) { if (!options->dev && options->dev_node) { - char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */ + char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementaions may modify its arguments */ options->dev = basename (dev_node); } } diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c index 895e9facf..fd1930ae4 100644 --- a/src/openvpn/misc.c +++ b/src/openvpn/misc.c @@ -1615,7 +1615,7 @@ argv_extract_cmd_name (const char *path) { if (path) { - char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */ + char *path_cp = string_alloc(path, NULL); /* POSIX basename() implementaions may modify its arguments */ const char *bn = basename (path_cp); if (bn) { diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 5ace1f347..de4fa38eb 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -2578,7 +2578,7 @@ check_file_access(const int type, const char *file, const int mode, const char * /* Is the directory path leading to the given file accessible? */ if (type & CHKACC_DIRPATH) { - char *fullpath = strdup(file); /* POSIX dirname() implementaion may modify its arguments */ + char *fullpath = string_alloc (file, NULL); /* POSIX dirname() implementaion may modify its arguments */ char *dirpath = dirname(fullpath); if (platform_access (dirpath, mode|X_OK) != 0) diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index dd0fab0bd..11c9ffbc7 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -197,7 +197,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) /* Parse allowed ciphers, getting IDs */ i = 0; - tmp_ciphers_orig = tmp_ciphers = strdup(ciphers); + tmp_ciphers_orig = tmp_ciphers = string_alloc (ciphers, NULL); token = strtok (tmp_ciphers, ":"); while(token)