From: Zbigniew Jędrzejewski-Szmek Date: Wed, 7 Jul 2021 09:37:21 +0000 (+0200) Subject: tree-wide: do not use (void) asprintf X-Git-Tag: v250-rc1~952^2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=12619d0a80f4ecc445cf7f880b2359d82bcd1bc6;p=thirdparty%2Fsystemd.git tree-wide: do not use (void) asprintf asprintf(3) says that the pointer is "undefined" after a failed call. In the current glibc implementation it is just NULL. In principle the call could return a valid pointer with bad contents or something. We have two styles of error handling: in a majority of cases we would check the return value, but sometimes we used (void) and relied on the pointer not being set. In practice both styles should be equivalent, but gcc doesn't like the second one with -Wunused-result. (Though only sometimes. E.g. on my F34 box I don't get the same warnings as in CI, even though the compiler version is very similar and the compilation options are the same…). It's also nice to be consistent in our code base. So let's always use the first style of error checking. --- diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c index f20606c17ca..4d41834c3f8 100644 --- a/src/analyze/analyze-security.c +++ b/src/analyze/analyze-security.c @@ -583,11 +583,12 @@ static int assess_system_call_filter( assert(a->parameter < _SYSCALL_FILTER_SET_MAX); const SyscallFilterSet *f = syscall_filter_sets + a->parameter; - char *d = NULL; + _cleanup_free_ char *d = NULL; uint64_t b; + int r; if (!info->system_call_filter_allow_list && set_isempty(info->system_call_filter)) { - d = strdup("Service does not filter system calls"); + r = free_and_strdup(&d, "Service does not filter system calls"); b = 10; } else { bool bad; @@ -599,34 +600,33 @@ static int assess_system_call_filter( if (info->system_call_filter_allow_list) { if (bad) { - (void) asprintf(&d, "System call allow list defined for service, and %s is included " - "(e.g. %s is allowed)", - f->name, offender); + r = asprintf(&d, "System call allow list defined for service, and %s is included " + "(e.g. %s is allowed)", + f->name, offender); b = 9; } else { - (void) asprintf(&d, "System call allow list defined for service, and %s is not included", - f->name); + r = asprintf(&d, "System call allow list defined for service, and %s is not included", + f->name); b = 0; } } else { if (bad) { - (void) asprintf(&d, "System call deny list defined for service, and %s is not included " - "(e.g. %s is allowed)", - f->name, offender); + r = asprintf(&d, "System call deny list defined for service, and %s is not included " + "(e.g. %s is allowed)", + f->name, offender); b = 10; } else { - (void) asprintf(&d, "System call deny list defined for service, and %s is included", - f->name); + r = asprintf(&d, "System call deny list defined for service, and %s is included", + f->name); b = 0; } } } - - if (!d) + if (r < 0) return log_oom(); *ret_badness = b; - *ret_description = d; + *ret_description = TAKE_PTR(d); return 0; } diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c index 23d108d5df3..1ab41c69741 100644 --- a/src/basic/rlimit-util.c +++ b/src/basic/rlimit-util.c @@ -300,26 +300,26 @@ int rlimit_parse(int resource, const char *val, struct rlimit *ret) { } int rlimit_format(const struct rlimit *rl, char **ret) { - char *s = NULL; + _cleanup_free_ char *s = NULL; + int r; assert(rl); assert(ret); if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY) - s = strdup("infinity"); + r = free_and_strdup(&s, "infinity"); else if (rl->rlim_cur >= RLIM_INFINITY) - (void) asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max); + r = asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max); else if (rl->rlim_max >= RLIM_INFINITY) - (void) asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur); + r = asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur); else if (rl->rlim_cur == rl->rlim_max) - (void) asprintf(&s, RLIM_FMT, rl->rlim_cur); + r = asprintf(&s, RLIM_FMT, rl->rlim_cur); else - (void) asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max); - - if (!s) + r = asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max); + if (r < 0) return -ENOMEM; - *ret = s; + *ret = TAKE_PTR(s); return 0; } diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c index 7483b46a11d..bdfa145ab7d 100644 --- a/src/libsystemd/sd-bus/bus-error.c +++ b/src/libsystemd/sd-bus/bus-error.c @@ -252,10 +252,15 @@ int bus_error_setfv(sd_bus_error *e, const char *name, const char *format, va_li return -ENOMEM; } - /* If we hit OOM on formatting the pretty message, we ignore - * this, since we at least managed to write the error name */ - if (format) - (void) vasprintf((char**) &e->message, format, ap); + if (format) { + _cleanup_free_ char *mesg = NULL; + + /* If we hit OOM on formatting the pretty message, we ignore + * this, since we at least managed to write the error name */ + + if (vasprintf(&mesg, format, ap) >= 0) + e->message = TAKE_PTR(mesg); + } e->_need_free = 1; } diff --git a/src/shared/varlink.c b/src/shared/varlink.c index 6b0b343ae92..3a53c16a724 100644 --- a/src/shared/varlink.c +++ b/src/shared/varlink.c @@ -2145,7 +2145,9 @@ int varlink_server_add_connection(VarlinkServer *server, int fd, Varlink **ret) v->ucred_acquired = true; } - (void) asprintf(&v->description, "%s-%i", server->description ?: "varlink", v->fd); + _cleanup_free_ char *desc = NULL; + if (asprintf(&desc, "%s-%i", server->description ?: "varlink", v->fd) >= 0) + v->description = TAKE_PTR(desc); /* Link up the server and the connection, and take reference in both directions. Note that the * reference on the connection is left dangling. It will be dropped when the connection is closed,