tree-wide: use memmem_safe()

Let's be paranoid and do something useful if we operate with empty
haystack/needle. This doesn't actually fix anything, as the places as
far as I can see check for non-emptyness already beforehand, but I will
sleep safer at night, if we don't even allow the trap to be fallen in,
ever, even if the code is changed sooner or later.

diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index 9283e2013cfb0784f55f5790110e8b2cb5433451..b1a0e313ce9bfee7668bcf7cf88ce3f7ac4d299d 100644 (file)
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -163,7 +163,7 @@ static int get_file_version(int fd, char **v) {
         if (!s)
                 goto finish;
 
-        e = memmem(s, st.st_size - (s - buf), " ####", 5);
+        e = memmem_safe(s, st.st_size - (s - buf), " ####", 5);
         if (!e || e - s < 3) {
                 r = log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Malformed version string.");
                 goto finish;

diff --git a/src/import/pull-common.c b/src/import/pull-common.c
index cb77454e0f6983015e216fd1f94601828548c31d..e1cd495102c54bb697ac3c357b3e408c73d25b54 100644 (file)
--- a/src/import/pull-common.c
+++ b/src/import/pull-common.c
@@ -10,6 +10,7 @@
 #include "escape.h"
 #include "fd-util.h"
 #include "io-util.h"
+#include "memory-util.h"
 #include "path-util.h"
 #include "process-util.h"
 #include "pull-common.h"
@@ -342,18 +343,18 @@ static int verify_one(PullJob *checksum_job, PullJob *job) {
 
         line = strjoina(job->checksum, " *", fn, "\n");
 
-        p = memmem(checksum_job->payload,
-                   checksum_job->payload_size,
-                   line,
-                   strlen(line));
+        p = memmem_safe(checksum_job->payload,
+                        checksum_job->payload_size,
+                        line,
+                        strlen(line));
 
         if (!p) {
                 line = strjoina(job->checksum, "  ", fn, "\n");
 
-                p = memmem(checksum_job->payload,
-                        checksum_job->payload_size,
-                        line,
-                        strlen(line));
+                p = memmem_safe(checksum_job->payload,
+                                checksum_job->payload_size,
+                                line,
+                                strlen(line));
         }
 
         if (!p || (p != (char*) checksum_job->payload && p[-1] != '\n'))

diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index b408d657a5e7f031755e3cfe6f85ffb31edb37e2..4b8d73c3e083c054542941e49c72c7032fa018e6 100644 (file)
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -173,12 +173,12 @@ static int bus_socket_auth_verify_client(sd_bus *b) {
         if (!d)
                 return 0;
 
-        e = memmem(d + 2, b->rbuffer_size - (d - (char*) b->rbuffer) - 2, "\r\n", 2);
+        e = memmem_safe(d + 2, b->rbuffer_size - (d - (char*) b->rbuffer) - 2, "\r\n", 2);
         if (!e)
                 return 0;
 
         if (b->accept_fd) {
-                f = memmem(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
+                f = memmem_safe(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
                 if (!f)
                         return 0;
 
@@ -399,7 +399,7 @@ static int bus_socket_auth_verify_server(sd_bus *b) {
         for (;;) {
                 /* Check if line is complete */
                 line = (char*) b->rbuffer + b->auth_rbegin;
-                e = memmem(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
+                e = memmem_safe(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
                 if (!e)
                         return processed;