diff options
author | Christian Göttsche <cgzones@googlemail.com> | 2023-02-28 15:50:20 +0100 |
---|---|---|
committer | Alejandro Colomar <alx@kernel.org> | 2023-05-31 21:43:34 +0200 |
commit | b9ff9a3a05380705979b1795d0124e3fe5f20ab2 (patch) | |
tree | 3548ed51b7a0c5190ea6983d5f9fb9be15b8e3b4 | |
parent | a710f4b9021da156c25921c2c68bec51587dea6c (diff) |
Drop alloca(3)
alloca(3) fails silently if not enough memory can be allocated on the
stack. Use checked dynamic allocation instead.
Also drop unnecessary manual NUL assignment, ensured by snprintf(3).
Signed-off-by: Alejandro Colomar <alx@kernel.org>
-rw-r--r-- | lib/alloc.h | 2 | ||||
-rw-r--r-- | libmisc/getdate.y | 3 | ||||
-rw-r--r-- | src/useradd.c | 6 | ||||
-rw-r--r-- | src/usermod.c | 31 |
4 files changed, 24 insertions, 18 deletions
diff --git a/lib/alloc.h b/lib/alloc.h index 64984f3a..2b1599cb 100644 --- a/lib/alloc.h +++ b/lib/alloc.h @@ -20,13 +20,11 @@ #include "defines.h" -#define ALLOCARRAY(n, type) ((type *) alloca(sizeof(type) * (n))) #define CALLOC(n, type) ((type *) calloc(n, sizeof(type))) #define XCALLOC(n, type) ((type *) xcalloc(n, sizeof(type))) #define MALLOCARRAY(n, type) ((type *) mallocarray(n, sizeof(type))) #define XMALLOCARRAY(n, type) ((type *) xmallocarray(n, sizeof(type))) -#define ALLOCA(type) ALLOCARRAY(1, type) #define MALLOC(type) MALLOCARRAY(1, type) #define XMALLOC(type) XMALLOCARRAY(1, type) #define REALLOC(ptr, type) REALLOCARRAY(ptr, 1, type) diff --git a/libmisc/getdate.y b/libmisc/getdate.y index 0c07f746..2e13e2dc 100644 --- a/libmisc/getdate.y +++ b/libmisc/getdate.y @@ -12,9 +12,6 @@ #ifdef HAVE_CONFIG_H # include <config.h> -# ifdef FORCE_ALLOCA_H -# include <alloca.h> -# endif #endif /* Since the code of getdate.y is not included in the Emacs executable diff --git a/src/useradd.c b/src/useradd.c index e3123615..d57f8fb6 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -2435,6 +2435,7 @@ static void create_mail (void) if (strcasecmp (create_mail_spool, "yes") == 0) { const char *spool; char *file; + size_t size; int fd; struct group *gr; gid_t gid; @@ -2449,7 +2450,8 @@ static void create_mail (void) if (NULL == spool) { return; } - file = ALLOCARRAY (strlen (prefix) + strlen (spool) + strlen (user_name) + 3, char); + size = strlen(prefix) + strlen(spool) + strlen(user_name) + 3; + file = XMALLOCARRAY(size, char); if (prefix[0]) sprintf (file, "%s/%s/%s", prefix, spool, user_name); else @@ -2470,6 +2472,8 @@ static void create_mail (void) return; } + free(file); + gr = prefix_getgrnam ("mail"); /* local, no need for xgetgrnam */ if (NULL == gr) { fputs (_("Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"), diff --git a/src/usermod.c b/src/usermod.c index db5d37a4..6a61576b 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -2034,10 +2034,9 @@ static void move_mailbox (void) { const char *maildir; char* mailfile; - char* newmailfile; int fd; struct stat st; - size_t len; + size_t size; maildir = getdef_str ("MAIL_DIR"); #ifdef MAIL_SPOOL_DIR @@ -2048,8 +2047,8 @@ static void move_mailbox (void) if (NULL == maildir) { return; } - len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 3; - mailfile = ALLOCARRAY (len, char); + size = strlen(prefix) + strlen(maildir) + strlen(user_name) + 3; + mailfile = XMALLOCARRAY(size, char); /* * O_NONBLOCK is to make sure open won't hang on mandatory locks. @@ -2058,14 +2057,13 @@ static void move_mailbox (void) * between stat and chown). --marekm */ if (prefix[0]) { - (void) snprintf (mailfile, len, "%s/%s/%s", + (void) snprintf (mailfile, size, "%s/%s/%s", prefix, maildir, user_name); } else { - (void) snprintf (mailfile, len, "%s/%s", + (void) snprintf (mailfile, size, "%s/%s", maildir, user_name); } - mailfile[len-1] = '\0'; fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0); if (fd < 0) { @@ -2073,11 +2071,13 @@ static void move_mailbox (void) if (errno != ENOENT) { perror (mailfile); } + free(mailfile); return; } if (fstat (fd, &st) < 0) { perror ("fstat"); (void) close (fd); + free(mailfile); return; } if (st.st_uid != user_id) { @@ -2085,6 +2085,7 @@ static void move_mailbox (void) fprintf (stderr, _("%s: warning: %s not owned by %s\n"), Prog, mailfile, user_name); (void) close (fd); + free(mailfile); return; } if (uflg) { @@ -2103,17 +2104,19 @@ static void move_mailbox (void) (void) close (fd); if (lflg) { - len = strlen (prefix) + strlen (maildir) + strlen (user_newname) + 3; - newmailfile = ALLOCARRAY(len, char); + char* newmailfile; + size_t newsize; + + newsize = strlen(prefix) + strlen(maildir) + strlen(user_newname) + 3; + newmailfile = XMALLOCARRAY(newsize, char); if (prefix[0]) { - (void) snprintf (newmailfile, len, "%s/%s/%s", + (void) snprintf (newmailfile, newsize, "%s/%s/%s", prefix, maildir, user_newname); } else { - (void) snprintf (newmailfile, len, "%s/%s", + (void) snprintf (newmailfile, newsize, "%s/%s", maildir, user_newname); } - newmailfile[len - 1] = '\0'; if ( (link (mailfile, newmailfile) != 0) || (unlink (mailfile) != 0)) { perror (_("failed to rename mailbox")); @@ -2124,8 +2127,12 @@ static void move_mailbox (void) "changing mail file name", user_newname, user_newid, 1); } + + free(newmailfile); #endif } + + free(mailfile); } #endif |