Replace strdup() calls for string_alloc() calls

As reported by Bill Parker in trac #600, strdup() return values are not
always correctly checked for failed allocations.  This patch adds missing
checks by using string_alloc(), which performs the required checks.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <561130FC.8090008@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10176
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ddc7692d245017c71adc40ad5cc195617e39fce0)

diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h
index d306a04acd90e5b625ccf9d03345aec545bea9de..58f0601975141b529c85cd760058bf7376f2fd6e 100644 (file)
--- a/src/openvpn/buffer.h
+++ b/src/openvpn/buffer.h
@@ -873,7 +873,7 @@ gc_reset (struct gc_arena *a)
 }
 
 static inline void
-check_malloc_return (void *p)
+check_malloc_return (const void *p)
 {
   if (!p)
     out_of_memory ();

diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index b7fc11e07016e1894aef02502b6e1c7259866cac..1d54ee7276a28e084d09c607774015b2d38d7be3 100644 (file)
--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -46,6 +46,8 @@
 #include <ctype.h>
 #include <assert.h>
 
+#include "buffer.h"
+
 /* MinGW w32api 3.17 is still incomplete when it comes to CryptoAPI while
  * MinGW32-w64 defines all macros used. This is a hack around that problem.
  */
@@ -116,7 +118,7 @@ static char *ms_error_text(DWORD ms_err)
        (LPTSTR) &lpMsgBuf, 0, NULL);
     if (lpMsgBuf) {
        char *p;
-       rv = strdup(lpMsgBuf);
+       rv = string_alloc(lpMsgBuf, NULL);
        LocalFree(lpMsgBuf);
        /* trim to the left */
        if (rv)

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 71c91a25138eb014102a4ead62a3692593154dc7..218173573361afb73cb2e5fee5c8e8ecbc2ad048 100644 (file)
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -840,7 +840,7 @@ void
 init_options_dev (struct options *options)
 {
   if (!options->dev && options->dev_node) {
-    char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */
+    char *dev_node = string_alloc(options->dev_node, NULL); /* POSIX basename() implementaions may modify its arguments */
     options->dev = basename (dev_node);
   }
 }

diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index f20d05921c44f30865fc7f3843aceb739603556a..bca5e42af626e42d5a9c36312b50f018897df3d1 100644 (file)
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -1647,7 +1647,7 @@ argv_extract_cmd_name (const char *path)
 {
   if (path)
     {
-      char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */
+      char *path_cp = string_alloc(path, NULL); /* POSIX basename() implementaions may modify its arguments */
       const char *bn = basename (path_cp);
       if (bn)
        {

diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 7ff5f7731efedf5664cc44f632da715d05fcb81e..019ae6cb2c4bd619d2fa05edad22eaaf7399a392 100644 (file)
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2617,7 +2617,7 @@ check_file_access(const int type, const char *file, const int mode, const char *
   /* Is the directory path leading to the given file accessible? */
   if (type & CHKACC_DIRPATH)
     {
-      char *fullpath = strdup(file);  /* POSIX dirname() implementaion may modify its arguments */
+      char *fullpath = string_alloc (file, NULL);  /* POSIX dirname() implementaion may modify its arguments */
       char *dirpath = dirname(fullpath);
 
       if (platform_access (dirpath, mode|X_OK) != 0)

diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c
index 30c73957d5c4fdd72092d49e0dd1e4092aabf730..562ace014ae2c404bcc79b89ae14379611957eb6 100644 (file)
--- a/src/openvpn/ssl_polarssl.c
+++ b/src/openvpn/ssl_polarssl.c
@@ -191,7 +191,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
 
   /* Parse allowed ciphers, getting IDs */
   i = 0;
-  tmp_ciphers_orig = tmp_ciphers = strdup(ciphers);
+  tmp_ciphers_orig = tmp_ciphers = string_alloc (ciphers, NULL);
 
   token = strtok (tmp_ciphers, ":");
   while(token)