tree-wide: make cunescape*() functions return ssize_t

Strictly speaking, we are returning the size of a memory chunk of
arbitrary size, so ssize_t is more appropriate than int.

diff --git a/src/basic/escape.c b/src/basic/escape.c
index 00ab4ab73f18a6e4973acd31196edc8237775c04..6095ac43b55b3ff09839a976b085d5ccc47340eb 100644 (file)
--- a/src/basic/escape.c
+++ b/src/basic/escape.c
@@ -288,7 +288,7 @@ int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit,
         return r;
 }
 
-int cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret) {
+ssize_t cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret) {
         _cleanup_free_ char *ans = NULL;
         char *t;
         const char *f;

diff --git a/src/basic/escape.h b/src/basic/escape.h
index 907b572bd4ad8d7a21b2cf8a1545b4f13bf7465e..98e61789c49906dad713b7a018c316c36c8bc2c1 100644 (file)
--- a/src/basic/escape.h
+++ b/src/basic/escape.h
@@ -45,14 +45,15 @@ char* cescape(const char *s);
 char* cescape_length(const char *s, size_t n);
 int cescape_char(char c, char *buf);
 
-int cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret);
-static inline int cunescape_length(const char *s, size_t length, UnescapeFlags flags, char **ret) {
+int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit, bool accept_nul);
+
+ssize_t cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret);
+static inline ssize_t cunescape_length(const char *s, size_t length, UnescapeFlags flags, char **ret) {
         return cunescape_length_with_prefix(s, length, NULL, flags, ret);
 }
-static inline int cunescape(const char *s, UnescapeFlags flags, char **ret) {
+static inline ssize_t cunescape(const char *s, UnescapeFlags flags, char **ret) {
         return cunescape_length(s, strlen(s), flags, ret);
 }
-int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit, bool accept_nul);
 
 typedef enum XEscapeFlags {
         XESCAPE_8_BIT          = 1 << 0,

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index c72f5c22da79a48093fd7ed5611dd502c5bb2f1c..a3ac73f8232e54555380675d99c4c4a894afd84c 100644 (file)
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -1010,8 +1010,6 @@ int config_parse_exec_input_text(
         _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
         ExecContext *c = data;
         const Unit *u = userdata;
-        size_t sz;
-        void *p;
         int r;
 
         assert(data);
@@ -1026,9 +1024,9 @@ int config_parse_exec_input_text(
                 return 0;
         }
 
-        r = cunescape(rvalue, 0, &unescaped);
-        if (r < 0) {
-                log_syntax(unit, LOG_WARNING, filename, line, r,
+        ssize_t l = cunescape(rvalue, 0, &unescaped);
+        if (l < 0) {
+                log_syntax(unit, LOG_WARNING, filename, line, l,
                            "Failed to decode C escaped text '%s', ignoring: %m", rvalue);
                 return 0;
         }
@@ -1040,7 +1038,7 @@ int config_parse_exec_input_text(
                 return 0;
         }
 
-        sz = strlen(resolved);
+        size_t sz = strlen(resolved);
         if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
             c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
                 log_syntax(unit, LOG_WARNING, filename, line, 0,
@@ -1049,7 +1047,7 @@ int config_parse_exec_input_text(
                 return 0;
         }
 
-        p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
+        void *p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
         if (!p)
                 return log_oom();
 
@@ -4516,7 +4514,7 @@ int config_parse_set_credential(
                 }
         } else {
                 char *unescaped = NULL;
-                int l;
+                ssize_t l;
 
                 /* We support escape codes here, so that users can insert trailing \n if they like */
                 l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped);

diff --git a/src/core/path.c b/src/core/path.c
index e098e83a311ce0ddcedec580056b93efa1ea2a2a..87930f637f2d5607005193d7626332ab2ecfa8b8 100644 (file)
--- a/src/core/path.c
+++ b/src/core/path.c
@@ -674,13 +674,14 @@ static int path_deserialize_item(Unit *u, const char *key, const char *value, FD
                         p->result = f;
 
         } else if (streq(key, "path-spec")) {
-                int previous_exists, skip = 0, r;
+                int previous_exists, skip = 0;
                 _cleanup_free_ char *type_str = NULL;
 
                 if (sscanf(value, "%ms %i %n", &type_str, &previous_exists, &skip) < 2)
                         log_unit_debug(u, "Failed to parse path-spec value: %s", value);
                 else {
                         _cleanup_free_ char *unescaped = NULL;
+                        ssize_t l;
                         PathType type;
                         PathSpec *s;
 
@@ -690,9 +691,9 @@ static int path_deserialize_item(Unit *u, const char *key, const char *value, FD
                                 return 0;
                         }
 
-                        r = cunescape(value+skip, 0, &unescaped);
-                        if (r < 0) {
-                                log_unit_warning_errno(u, r, "Failed to unescape serialize path: %m");
+                        l = cunescape(value+skip, 0, &unescaped);
+                        if (l < 0) {
+                                log_unit_warning_errno(u, l, "Failed to unescape serialize path: %m");
                                 return 0;
                         }
 

diff --git a/src/core/service.c b/src/core/service.c
index cb0a528f0d62b23175e430d67fa710ade81a666c..34aac18dd88a5198e5c22b795891e1f531cbe804 100644 (file)
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -2890,10 +2890,11 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
                         log_unit_error_errno(u, r, "Unable to deserialize current bus owner %s: %m", value);
         } else if (streq(key, "status-text")) {
                 char *t;
+                ssize_t l;
 
-                r = cunescape(value, 0, &t);
-                if (r < 0)
-                        log_unit_debug_errno(u, r, "Failed to unescape status text '%s': %m", value);
+                l = cunescape(value, 0, &t);
+                if (l < 0)
+                        log_unit_debug_errno(u, l, "Failed to unescape status text '%s': %m", value);
                 else
                         free_and_replace(s->status_text, t);
 

diff --git a/src/core/swap.c b/src/core/swap.c
index 3843b1950004ed630644cb634c49a2aac3daf0db..fabee3c1f3b27ed45e5b39bfc4fd7a0691326c02 100644 (file)
--- a/src/core/swap.c
+++ b/src/core/swap.c
@@ -1202,8 +1202,9 @@ static int swap_load_proc_swaps(Manager *m, bool set_flags) {
                         continue;
                 }
 
-                if (cunescape(dev, UNESCAPE_RELAX, &d) < 0)
-                        return log_oom();
+                ssize_t l = cunescape(dev, UNESCAPE_RELAX, &d);
+                if (l < 0)
+                        return log_error_errno(l, "Failed to unescape device path: %m");
 
                 device_found_node(m, d, DEVICE_FOUND_SWAP, DEVICE_FOUND_SWAP);
 

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 0fa41b836028b3bcd8b482951a21021c4d052686..8243ea108f5c64073593167d1e62ff55dea0ab0f 100644 (file)
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -453,7 +453,6 @@ static char* disk_description(const char *path) {
         _cleanup_(sd_device_unrefp) sd_device *device = NULL;
         const char *i, *name;
         struct stat st;
-        int r;
 
         assert(path);
 
@@ -468,14 +467,15 @@ static char* disk_description(const char *path) {
 
         if (sd_device_get_property_value(device, "ID_PART_ENTRY_NAME", &name) >= 0) {
                 _cleanup_free_ char *unescaped = NULL;
+                ssize_t l;
 
                 /* ID_PART_ENTRY_NAME uses \x style escaping, using libblkid's blkid_encode_string(). Let's
                  * reverse this here to make the string more human friendly in case people embed spaces or
                  * other weird stuff. */
 
-                r = cunescape(name, UNESCAPE_RELAX, &unescaped);
-                if (r < 0) {
-                        log_debug_errno(r, "Failed to unescape ID_PART_ENTRY_NAME, skipping device: %m");
+                l = cunescape(name, UNESCAPE_RELAX, &unescaped);
+                if (l < 0) {
+                        log_debug_errno(l, "Failed to unescape ID_PART_ENTRY_NAME, skipping device: %m");
                         return NULL;
                 }
 

diff --git a/src/import/pull-common.c b/src/import/pull-common.c
index 75c5c7493ec4d7f3cb2395fceefefcd73f2232ce..cb77454e0f6983015e216fd1f94601828548c31d 100644 (file)
--- a/src/import/pull-common.c
+++ b/src/import/pull-common.c
@@ -34,10 +34,6 @@ int pull_find_old_etags(
                 const char *suffix,
                 char ***etags) {
 
-        _cleanup_free_ char *escaped_url = NULL;
-        _cleanup_closedir_ DIR *d = NULL;
-        _cleanup_strv_free_ char **l = NULL;
-        struct dirent *de;
         int r;
 
         assert(url);
@@ -46,11 +42,11 @@ int pull_find_old_etags(
         if (!image_root)
                 image_root = "/var/lib/machines";
 
-        escaped_url = xescape(url, FILENAME_ESCAPE);
+        _cleanup_free_ char *escaped_url = xescape(url, FILENAME_ESCAPE);
         if (!escaped_url)
                 return -ENOMEM;
 
-        d = opendir(image_root);
+        _cleanup_closedir_ DIR *d = opendir(image_root);
         if (!d) {
                 if (errno == ENOENT) {
                         *etags = NULL;
@@ -60,6 +56,9 @@ int pull_find_old_etags(
                 return -errno;
         }
 
+        _cleanup_strv_free_ char **ans = NULL;
+        struct dirent *de;
+
         FOREACH_DIRENT_ALL(de, d, return -errno) {
                 _cleanup_free_ char *u = NULL;
                 const char *a, *b;
@@ -93,19 +92,21 @@ int pull_find_old_etags(
                 if (a >= b)
                         continue;
 
-                r = cunescape_length(a, b - a, 0, &u);
-                if (r < 0)
-                        return r;
+                ssize_t l = cunescape_length(a, b - a, 0, &u);
+                if (l < 0) {
+                        assert(l >= INT8_MIN);
+                        return l;
+                }
 
                 if (!http_etag_is_valid(u))
                         continue;
 
-                r = strv_consume(&l, TAKE_PTR(u));
+                r = strv_consume(&ans, TAKE_PTR(u));
                 if (r < 0)
                         return r;
         }
 
-        *etags = TAKE_PTR(l);
+        *etags = TAKE_PTR(ans);
 
         return 0;
 }

diff --git a/src/libsystemd/sd-login/sd-login.c b/src/libsystemd/sd-login/sd-login.c
index f6fff204f65aa971655fddf8d977e4462db5b294..3adf1cef5cf579e9c2701c877f4cf9aea7f3db90 100644 (file)
--- a/src/libsystemd/sd-login/sd-login.c
+++ b/src/libsystemd/sd-login/sd-login.c
@@ -585,8 +585,8 @@ _public_ int sd_session_get_class(const char *session, char **class) {
 
 _public_ int sd_session_get_desktop(const char *session, char **desktop) {
         _cleanup_free_ char *escaped = NULL;
-        char *t;
         int r;
+        ssize_t l;
 
         assert_return(desktop, -EINVAL);
 
@@ -594,11 +594,9 @@ _public_ int sd_session_get_desktop(const char *session, char **desktop) {
         if (r < 0)
                 return r;
 
-        r = cunescape(escaped, 0, &t);
-        if (r < 0)
-                return r;
-
-        *desktop = t;
+        l = cunescape(escaped, 0, desktop);
+        if (l < 0)
+                return l;
         return 0;
 }
 

diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c
index 57198ce65293f0cc0852172e15af52810207ed67..f8048f6d23b7080947a401f4d3c8c60587c1b763 100644 (file)
--- a/src/login/logind-inhibit.c
+++ b/src/login/logind-inhibit.c
@@ -209,18 +209,11 @@ void inhibitor_stop(Inhibitor *i) {
 }
 
 int inhibitor_load(Inhibitor *i) {
-
-        _cleanup_free_ char
-                *what = NULL,
-                *uid = NULL,
-                *pid = NULL,
-                *who = NULL,
-                *why = NULL,
-                *mode = NULL;
-
+        _cleanup_free_ char *what = NULL, *uid = NULL, *pid = NULL, *who = NULL, *why = NULL, *mode = NULL;
         InhibitWhat w;
         InhibitMode mm;
         char *cc;
+        ssize_t l;
         int r;
 
         r = parse_env_file(NULL, i->state_file,
@@ -255,17 +248,17 @@ int inhibitor_load(Inhibitor *i) {
         }
 
         if (who) {
-                r = cunescape(who, 0, &cc);
-                if (r < 0)
-                        return log_oom();
+                l = cunescape(who, 0, &cc);
+                if (l < 0)
+                        return log_debug_errno(l, "Failed to unescape \"who\" of inhibitor: %m");
 
                 free_and_replace(i->who, cc);
         }
 
         if (why) {
-                r = cunescape(why, 0, &cc);
-                if (r < 0)
-                        return log_oom();
+                l = cunescape(why, 0, &cc);
+                if (l < 0)
+                        return log_debug_errno(l, "Failed to unescape \"why\" of inhibitor: %m");
 
                 free_and_replace(i->why, cc);
         }

diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
index f80adcdbcfef2289457906e07d22aadb692df3b6..1ba21fc9de0274d57bc0b1f05e17180c7096904e 100644 (file)
--- a/src/network/networkd-dhcp4.c
+++ b/src/network/networkd-dhcp4.c
@@ -1735,7 +1735,7 @@ int config_parse_dhcp_mud_url(
 
         _cleanup_free_ char *unescaped = NULL;
         Network *network = data;
-        int r;
+        ssize_t l;
 
         assert(filename);
         assert(lvalue);
@@ -1746,9 +1746,9 @@ int config_parse_dhcp_mud_url(
                 return 0;
         }
 
-        r = cunescape(rvalue, 0, &unescaped);
-        if (r < 0) {
-                log_syntax(unit, LOG_WARNING, filename, line, r,
+        l = cunescape(rvalue, 0, &unescaped);
+        if (l < 0) {
+                log_syntax(unit, LOG_WARNING, filename, line, l,
                            "Failed to Failed to unescape MUD URL, ignoring: %s", rvalue);
                 return 0;
         }

diff --git a/src/network/networkd-dhcp6.c b/src/network/networkd-dhcp6.c
index 2b72b618fc5c2cb2886f288ee8e400825cb360bb..4506932a5877fdf32b25564c230cc0709d095e66 100644 (file)
--- a/src/network/networkd-dhcp6.c
+++ b/src/network/networkd-dhcp6.c
@@ -1814,7 +1814,7 @@ int config_parse_dhcp6_mud_url(
 
         _cleanup_free_ char *unescaped = NULL;
         Network *network = data;
-        int r;
+        ssize_t l;
 
         assert(filename);
         assert(lvalue);
@@ -1825,9 +1825,9 @@ int config_parse_dhcp6_mud_url(
                 return 0;
         }
 
-        r = cunescape(rvalue, 0, &unescaped);
-        if (r < 0) {
-                log_syntax(unit, LOG_WARNING, filename, line, r,
+        l = cunescape(rvalue, 0, &unescaped);
+        if (l < 0) {
+                log_syntax(unit, LOG_WARNING, filename, line, l,
                            "Failed to Failed to unescape MUD URL, ignoring: %s", rvalue);
                 return 0;
         }

diff --git a/src/network/networkd-lldp-tx.c b/src/network/networkd-lldp-tx.c
index 45a087b301c411eef317863ee1fbe858e2fb8b3a..c2d269156e831174d7e25bf6854483ca332f6776 100644 (file)
--- a/src/network/networkd-lldp-tx.c
+++ b/src/network/networkd-lldp-tx.c
@@ -430,15 +430,15 @@ int config_parse_lldp_mud(
 
         _cleanup_free_ char *unescaped = NULL;
         Network *n = data;
-        int r;
+        ssize_t l;
 
         assert(filename);
         assert(lvalue);
         assert(rvalue);
 
-        r = cunescape(rvalue, 0, &unescaped);
-        if (r < 0) {
-                log_syntax(unit, LOG_WARNING, filename, line, r,
+        l = cunescape(rvalue, 0, &unescaped);
+        if (l < 0) {
+                log_syntax(unit, LOG_WARNING, filename, line, l,
                            "Failed to Failed to unescape LLDP MUD URL, ignoring: %s", rvalue);
                 return 0;
         }

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 04685fecbaf35d0e81fdb7cb412cf59c0bd9d3b5..aea4eb7b0b0d17534c4aba8720717f362db2a0a6 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1565,7 +1565,7 @@ static int parse_argv(int argc, char *argv[]) {
                         const char *p = optarg;
                         Credential *a;
                         size_t i;
-                        int l;
+                        ssize_t l;
 
                         r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
                         if (r == -ENOMEM)

diff --git a/src/shared/bpf-program.c b/src/shared/bpf-program.c
index 0f865a71689a38f89134a3e406847975c544b80f..4575bb4e2ff21ca33087eb0cfdc5a1b08163c559 100644 (file)
--- a/src/shared/bpf-program.c
+++ b/src/shared/bpf-program.c
@@ -426,6 +426,7 @@ int bpf_program_deserialize_attachment(const char *v, FDSet *fds, BPFProgram **b
         _cleanup_free_ char *sfd = NULL, *sat = NULL, *unescaped = NULL;
         _cleanup_(bpf_program_unrefp) BPFProgram *p = NULL;
         _cleanup_close_ int fd = -1;
+        ssize_t l;
         int ifd, at, r;
 
         assert(v);
@@ -456,9 +457,9 @@ int bpf_program_deserialize_attachment(const char *v, FDSet *fds, BPFProgram **b
                 return at;
 
         /* The rest is the path */
-        r = cunescape(v, 0, &unescaped);
-        if (r < 0)
-                return r;
+        l = cunescape(v, 0, &unescaped);
+        if (l < 0)
+                return l;
 
         fd = fdset_remove(fds, ifd);
         if (fd < 0)

diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index a97ffbcea45410d1392a6c81725ffba45dcb6750..1ff1e7600d76ed7beed344a6c9c3ad4bef531241 100644 (file)
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1096,7 +1096,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
                                 r = sd_bus_message_append_array(m, 'y', decoded, decoded_size);
                         } else {
                                 _cleanup_free_ char *unescaped = NULL;
-                                int l;
+                                ssize_t l;
 
                                 l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped);
                                 if (l < 0)
@@ -1233,18 +1233,19 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
 
         if (streq(field, "StandardInputText")) {
                 _cleanup_free_ char *unescaped = NULL;
+                ssize_t l;
 
-                r = cunescape(eq, 0, &unescaped);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to unescape text '%s': %m", eq);
+                l = cunescape(eq, 0, &unescaped);
+                if (l < 0)
+                        return log_error_errno(l, "Failed to unescape text '%s': %m", eq);
 
                 if (!strextend(&unescaped, "\n"))
                         return log_oom();
 
-                /* Note that we don't expand specifiers here, but that should be OK, as this is a programmatic
-                 * interface anyway */
+                /* Note that we don't expand specifiers here, but that should be OK, as this is a
+                 * programmatic interface anyway */
 
-                return bus_append_byte_array(m, field, unescaped, strlen(unescaped));
+                return bus_append_byte_array(m, field, unescaped, l + 1);
         }
 
         if (streq(field, "StandardInputData")) {

diff --git a/src/shared/devnode-acl.c b/src/shared/devnode-acl.c
index 07e29e1019129db9e91fad8b49ec24bf9e1cfba7..9ea89ee9200803f374288f557968ec7d4dd23f8b 100644 (file)
--- a/src/shared/devnode-acl.c
+++ b/src/shared/devnode-acl.c
@@ -220,9 +220,11 @@ int devnode_acl_all(const char *seat,
         if (dir) {
                 FOREACH_DIRENT(dent, dir, return -errno) {
                         _cleanup_free_ char *unescaped_devname = NULL;
+                        ssize_t l;
 
-                        if (cunescape(dent->d_name, UNESCAPE_RELAX, &unescaped_devname) < 0)
-                                return -ENOMEM;
+                        l = cunescape(dent->d_name, UNESCAPE_RELAX, &unescaped_devname);
+                        if (l < 0)
+                                return l;
 
                         n = path_join("/dev", unescaped_devname);
                         if (!n)

diff --git a/src/shared/serialize.c b/src/shared/serialize.c
index 23aac3ef527112b2010a31ee2b14a84631625445..47996b9ead64bb6cbc3c06a3cdb417f28eb27fd7 100644 (file)
--- a/src/shared/serialize.c
+++ b/src/shared/serialize.c
@@ -176,6 +176,7 @@ int deserialize_dual_timestamp(const char *value, dual_timestamp *t) {
 
 int deserialize_environment(const char *value, char ***list) {
         _cleanup_free_ char *unescaped = NULL;
+        ssize_t l;
         int r;
 
         assert(value);
@@ -183,9 +184,9 @@ int deserialize_environment(const char *value, char ***list) {
 
         /* Changes the *environment strv inline. */
 
-        r = cunescape(value, 0, &unescaped);
-        if (r < 0)
-                return log_error_errno(r, "Failed to unescape: %m");
+        l = cunescape(value, 0, &unescaped);
+        if (l < 0)
+                return log_error_errno(l, "Failed to unescape: %m");
 
         r = strv_env_replace_consume(list, TAKE_PTR(unescaped));
         if (r < 0)

diff --git a/src/shared/udev-util.c b/src/shared/udev-util.c
index f934fc157eb527d493293ba5e5e6e1cab6855992..27dfd11a6a7cc1518406b934274e11352ff12874 100644 (file)
--- a/src/shared/udev-util.c
+++ b/src/shared/udev-util.c
@@ -351,7 +351,6 @@ void log_device_uevent(sd_device *device, const char *str) {
 
 int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) {
         char *i, *j;
-        int r;
         bool is_escaped;
 
         /* value must be double quotated */
@@ -373,6 +372,7 @@ int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) {
                 j[0] = '\0';
         } else {
                 _cleanup_free_ char *unescaped = NULL;
+                ssize_t l;
 
                 /* find the end position of value */
                 for (i = str; *i != '"'; i++) {
@@ -383,11 +383,12 @@ int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) {
                 }
                 i[0] = '\0';
 
-                r = cunescape_length(str, i - str, 0, &unescaped);
-                if (r < 0)
-                        return r;
-                assert(r <= i - str);
-                memcpy(str, unescaped, r + 1);
+                l = cunescape_length(str, i - str, 0, &unescaped);
+                if (l < 0)
+                        return l;
+
+                assert(l <= i - str);
+                memcpy(str, unescaped, l + 1);
         }
 
         *ret_value = str;

diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index b32b709ef5b055f2402531a8144ff4cc17dff7cb..b89555d8e0b19e391a516ae7e4692e9d882f7b6b 100644 (file)
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -2775,8 +2775,6 @@ static bool should_include_path(const char *path) {
 }
 
 static int specifier_expansion_from_arg(Item *i) {
-        _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
-        char **xattr;
         int r;
 
         assert(i);
@@ -2789,33 +2787,37 @@ static int specifier_expansion_from_arg(Item *i) {
         case CREATE_SYMLINK:
         case CREATE_FILE:
         case TRUNCATE_FILE:
-        case WRITE_FILE:
-                r = cunescape(i->argument, 0, &unescaped);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to unescape parameter to write: %s", i->argument);
+        case WRITE_FILE: {
+                _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
+                ssize_t l;
+
+                l = cunescape(i->argument, 0, &unescaped);
+                if (l < 0)
+                        return log_error_errno(l, "Failed to unescape parameter to write: %s", i->argument);
 
                 r = specifier_printf(unescaped, PATH_MAX-1, specifier_table, arg_root, NULL, &resolved);
                 if (r < 0)
                         return r;
 
-                free_and_replace(i->argument, resolved);
-                break;
-
+                return free_and_replace(i->argument, resolved);
+        }
         case SET_XATTR:
-        case RECURSIVE_SET_XATTR:
+        case RECURSIVE_SET_XATTR: {
+                char **xattr;
                 STRV_FOREACH(xattr, i->xattrs) {
+                        _cleanup_free_ char *resolved = NULL;
+
                         r = specifier_printf(*xattr, SIZE_MAX, specifier_table, arg_root, NULL, &resolved);
                         if (r < 0)
                                 return r;
 
                         free_and_replace(*xattr, resolved);
                 }
-                break;
-
+                return 0;
+        }
         default:
-                break;
+                return 0;
         }
-        return 0;
 }
 
 static int patch_var_run(const char *fname, unsigned line, char **path) {

diff --git a/src/xdg-autostart-generator/xdg-autostart-service.c b/src/xdg-autostart-generator/xdg-autostart-service.c
index fe73bfe9db32864dea93f9cfd22c92b8271698ba..d6e90302fdc93928f53a39f6096b8745e792591a 100644 (file)
--- a/src/xdg-autostart-generator/xdg-autostart-service.c
+++ b/src/xdg-autostart-generator/xdg-autostart-service.c
@@ -397,10 +397,11 @@ int xdg_autostart_format_exec_start(
         first_arg = true;
         for (i = n = 0; exec_split[i]; i++) {
                 _cleanup_free_ char *c = NULL, *raw = NULL, *p = NULL, *escaped = NULL, *quoted = NULL;
+                ssize_t l;
 
-                r = cunescape(exec_split[i], 0, &c);
-                if (r < 0)
-                        return log_debug_errno(r, "Failed to unescape '%s': %m", exec_split[i]);
+                l = cunescape(exec_split[i], 0, &c);
+                if (l < 0)
+                        return log_debug_errno(l, "Failed to unescape '%s': %m", exec_split[i]);
 
                 if (first_arg) {
                         _cleanup_free_ char *executable = NULL;