Drop alloca(3)

alloca(3) fails silently if not enough memory can be allocated on the stack. Use checked dynamic allocation instead. Also drop unnecessary manual NUL assignment, ensured by snprintf(3). Signed-off-by: Alejandro Colomar <alx@kernel.org>
author: Christian Göttsche <cgzones@googlemail.com> 2023-02-28 15:50:20 +0100
committer: Alejandro Colomar <alx@kernel.org> 2023-05-31 21:43:34 +0200
commit: b9ff9a3a05380705979b1795d0124e3fe5f20ab2 (patch)
tree: 3548ed51b7a0c5190ea6983d5f9fb9be15b8e3b4
parent: a710f4b9021da156c25921c2c68bec51587dea6c (diff)
4 files changed, 24 insertions, 18 deletions
diff --git a/lib/alloc.h b/lib/alloc.h
index 64984f3a..2b1599cb 100644
--- a/lib/alloc.h
+++ b/lib/alloc.h
@@ -20,13 +20,11 @@
 #include "defines.h"
 
 
-#define ALLOCARRAY(n, type)    ((type *) alloca(sizeof(type) * (n)))
 #define CALLOC(n, type)        ((type *) calloc(n, sizeof(type)))
 #define XCALLOC(n, type)       ((type *) xcalloc(n, sizeof(type)))
 #define MALLOCARRAY(n, type)   ((type *) mallocarray(n, sizeof(type)))
 #define XMALLOCARRAY(n, type)  ((type *) xmallocarray(n, sizeof(type)))
 
-#define ALLOCA(type)           ALLOCARRAY(1, type)
 #define MALLOC(type)           MALLOCARRAY(1, type)
 #define XMALLOC(type)          XMALLOCARRAY(1, type)
 #define REALLOC(ptr, type)     REALLOCARRAY(ptr, 1, type)
diff --git a/libmisc/getdate.y b/libmisc/getdate.y
index 0c07f746..2e13e2dc 100644
--- a/libmisc/getdate.y
+++ b/libmisc/getdate.y
@@ -12,9 +12,6 @@
 
 #ifdef HAVE_CONFIG_H
 # include <config.h>
-# ifdef FORCE_ALLOCA_H
-#  include <alloca.h>
-# endif
 #endif
 
 /* Since the code of getdate.y is not included in the Emacs executable
diff --git a/src/useradd.c b/src/useradd.c
index e3123615..d57f8fb6 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2435,6 +2435,7 @@ static void create_mail (void)
 	if (strcasecmp (create_mail_spool, "yes") == 0) {
 		const char *spool;
 		char *file;
+		size_t size;
 		int fd;
 		struct group *gr;
 		gid_t gid;
@@ -2449,7 +2450,8 @@ static void create_mail (void)
 		if (NULL == spool) {
 			return;
 		}
-		file = ALLOCARRAY (strlen (prefix) + strlen (spool) + strlen (user_name) + 3, char);
+		size = strlen(prefix) + strlen(spool) + strlen(user_name) + 3;
+		file = XMALLOCARRAY(size, char);
 		if (prefix[0])
 			sprintf (file, "%s/%s/%s", prefix, spool, user_name);
 		else
@@ -2470,6 +2472,8 @@ static void create_mail (void)
 			return;
 		}
 
+		free(file);
+
 		gr = prefix_getgrnam ("mail"); /* local, no need for xgetgrnam */
 		if (NULL == gr) {
 			fputs (_("Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"),
diff --git a/src/usermod.c b/src/usermod.c
index db5d37a4..6a61576b 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -2034,10 +2034,9 @@ static void move_mailbox (void)
 {
 	const char *maildir;
 	char* mailfile;
-	char* newmailfile;
 	int fd;
 	struct stat st;
-	size_t len;
+	size_t size;
 
 	maildir = getdef_str ("MAIL_DIR");
 #ifdef MAIL_SPOOL_DIR
@@ -2048,8 +2047,8 @@ static void move_mailbox (void)
 	if (NULL == maildir) {
 		return;
 	}
-	len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 3;
-	mailfile = ALLOCARRAY (len, char);
+	size = strlen(prefix) + strlen(maildir) + strlen(user_name) + 3;
+	mailfile = XMALLOCARRAY(size, char);
 
 	/*
 	 * O_NONBLOCK is to make sure open won't hang on mandatory locks.
@@ -2058,14 +2057,13 @@ static void move_mailbox (void)
 	 * between stat and chown).  --marekm
 	 */
 	if (prefix[0]) {
-		(void) snprintf (mailfile, len, "%s/%s/%s",
+		(void) snprintf (mailfile, size, "%s/%s/%s",
 	    	             prefix, maildir, user_name);
 	}
 	else {
-		(void) snprintf (mailfile, len, "%s/%s",
+		(void) snprintf (mailfile, size, "%s/%s",
 	    	             maildir, user_name);
 	}
-	mailfile[len-1] = '\0';
 
 	fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
 	if (fd < 0) {
@@ -2073,11 +2071,13 @@ static void move_mailbox (void)
 		if (errno != ENOENT) {
 			perror (mailfile);
 		}
+		free(mailfile);
 		return;
 	}
 	if (fstat (fd, &st) < 0) {
 		perror ("fstat");
 		(void) close (fd);
+		free(mailfile);
 		return;
 	}
 	if (st.st_uid != user_id) {
@@ -2085,6 +2085,7 @@ static void move_mailbox (void)
 		fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
 		         Prog, mailfile, user_name);
 		(void) close (fd);
+		free(mailfile);
 		return;
 	}
 	if (uflg) {
@@ -2103,17 +2104,19 @@ static void move_mailbox (void)
 	(void) close (fd);
 
 	if (lflg) {
-		len = strlen (prefix) + strlen (maildir) + strlen (user_newname) + 3;
-		newmailfile = ALLOCARRAY(len, char);
+		char* newmailfile;
+		size_t newsize;
+
+		newsize = strlen(prefix) + strlen(maildir) + strlen(user_newname) + 3;
+		newmailfile = XMALLOCARRAY(newsize, char);
 		if (prefix[0]) {
-			(void) snprintf (newmailfile, len, "%s/%s/%s",
+			(void) snprintf (newmailfile, newsize, "%s/%s/%s",
 			                 prefix, maildir, user_newname);
 		}
 		else {
-			(void) snprintf (newmailfile, len, "%s/%s",
+			(void) snprintf (newmailfile, newsize, "%s/%s",
 			                 maildir, user_newname);
 		}
-		newmailfile[len - 1] = '\0';
 		if (   (link (mailfile, newmailfile) != 0)
 		    || (unlink (mailfile) != 0)) {
 			perror (_("failed to rename mailbox"));
@@ -2124,8 +2127,12 @@ static void move_mailbox (void)
 			              "changing mail file name",
 			              user_newname, user_newid, 1);
 		}
+
+		free(newmailfile);
 #endif
 	}
+
+	free(mailfile);
 }
 #endif
author	Christian Göttsche <cgzones@googlemail.com>	2023-02-28 15:50:20 +0100
committer	Alejandro Colomar <alx@kernel.org>	2023-05-31 21:43:34 +0200
commit	b9ff9a3a05380705979b1795d0124e3fe5f20ab2 (patch)
tree	3548ed51b7a0c5190ea6983d5f9fb9be15b8e3b4
parent	a710f4b9021da156c25921c2c68bec51587dea6c (diff)