diff options
| author | Alejandro Colomar <alx@kernel.org> | 2023-08-25 21:27:05 +0200 |
|---|---|---|
| committer | Alejandro Colomar <alx@kernel.org> | 2023-10-20 21:05:33 +0200 |
| commit | ad3b31a59ee853598743e0cab47fa1360b4a5fb9 (patch) | |
| tree | 0717638fa17ddec535ffd8b214e5ea5927e6e6f7 | |
| parent | c5e5fee6062c7b98a171a146c0a247074433ae90 (diff) | |
lib/, src/: Use asprintf(3) instead of strlen(3)+malloc(3)+snprintf(3)
asprintf(3) is non-standard, but is provided by GNU, the BSDs, and musl.
That makes it portable enough for us to use.
This function is much simpler than the burdensome code for allocating
the right size. Being simpler, it's thus safer.
I took the opportunity to fix the style to my preferred one in the
definitions of variables used in these calls, and also in the calls to
free(3) with these pointers. That isn't gratuituous, but has a reason:
it makes those appear in the diff for this patch, which helps review it.
Oh, well, I had an excuse :)
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
| -rw-r--r-- | lib/commonio.c | 25 | ||||
| -rw-r--r-- | lib/copydir.c | 59 | ||||
| -rw-r--r-- | lib/env.c | 18 | ||||
| -rw-r--r-- | lib/getdef.c | 20 | ||||
| -rw-r--r-- | lib/groupio.c | 22 | ||||
| -rw-r--r-- | lib/mail.c | 13 | ||||
| -rw-r--r-- | lib/prefix_flag.c | 38 | ||||
| -rw-r--r-- | lib/run_part.c | 20 | ||||
| -rw-r--r-- | lib/setupenv.c | 12 | ||||
| -rw-r--r-- | src/useradd.c | 105 | ||||
| -rw-r--r-- | src/userdel.c | 52 | ||||
| -rw-r--r-- | src/usermod.c | 58 | ||||
| -rw-r--r-- | src/vipw.c | 40 |
13 files changed, 191 insertions, 291 deletions
diff --git a/lib/commonio.c b/lib/commonio.c index 6d744ad1..df2986aa 100644 --- a/lib/commonio.c +++ b/lib/commonio.c @@ -33,6 +33,7 @@ #include "commonio.h" #include "shadowlog_internal.h" + /* local function prototypes */ static int lrename (const char *, const char *); static int check_link_count (const char *file, bool log); @@ -354,33 +355,25 @@ bool commonio_present (const struct commonio_db *db) int commonio_lock_nowait (struct commonio_db *db, bool log) { - char* file = NULL; - char* lock = NULL; - size_t lock_file_len; - size_t file_len; - int err = 0; + int err = 0; + char *file = NULL; + char *lock = NULL; if (db->locked) { return 1; } - file_len = strlen(db->filename) + 11;/* %lu max size */ - lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */ - file = MALLOC(file_len, char); - if (file == NULL) { + + if (asprintf(&file, "%s.%ju", db->filename, (uintmax_t) getpid()) == -1) goto cleanup_ENOMEM; - } - lock = MALLOC(lock_file_len, char); - if (lock == NULL) { + if (asprintf(&lock, "%s.lock", db->filename) == -1) goto cleanup_ENOMEM; - } - snprintf (file, file_len, "%s.%lu", - db->filename, (unsigned long) getpid ()); - snprintf (lock, lock_file_len, "%s.lock", db->filename); + if (do_lock_file (file, lock, log) != 0) { db->locked = true; lock_count++; err = 1; } + cleanup_ENOMEM: free(file); free(lock); diff --git a/lib/copydir.c b/lib/copydir.c index 36f2004d..d60cf535 100644 --- a/lib/copydir.c +++ b/lib/copydir.c @@ -208,11 +208,7 @@ static void remove_link (/*@only@*/struct link_name *ln) static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb) { - struct link_name *lp; - size_t src_len; - size_t dst_len; - size_t name_len; - size_t len; + struct link_name *lp; /* copy_tree () must be the entry point */ assert (NULL != src_orig); @@ -229,15 +225,11 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c } lp = XMALLOC(1, struct link_name); - src_len = strlen (src_orig); - dst_len = strlen (dst_orig); - name_len = strlen (name); lp->ln_dev = sb->st_dev; lp->ln_ino = sb->st_ino; lp->ln_count = sb->st_nlink; - len = name_len - src_len + dst_len + 1; - lp->ln_name = XMALLOC(len, char); - (void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len); + if (asprintf(&lp->ln_name, "%s%s", dst_orig, name + strlen(src_orig)) == -1) + exit(EXIT_FAILURE); lp->ln_next = links; links = lp; @@ -314,8 +306,9 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info * set_orig = true; } while ((0 == err) && (ent = readdir (dir)) != NULL) { - char *src_name, *dst_name; - size_t src_len, dst_len; + char *src_name = NULL; + char *dst_name; + struct path_info src_entry, dst_entry; /* * Skip the "." and ".." entries */ @@ -325,26 +318,16 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info * continue; } - src_len = strlen (ent->d_name) + 2; - dst_len = strlen (ent->d_name) + 2; - src_len += strlen (src->full_path); - dst_len += strlen (dst->full_path); - - src_name = MALLOC(src_len, char); - dst_name = MALLOC(dst_len, char); - - if ((NULL == src_name) || (NULL == dst_name)) { + if (asprintf(&src_name, "%s/%s", src->full_path, ent->d_name) == -1) + { + err = -1; + continue; + } + if (asprintf(&dst_name, "%s/%s", dst->full_path, ent->d_name) == -1) + { err = -1; goto skip; } - /* - * Build the filename for both the source and - * the destination files. - */ - struct path_info src_entry, dst_entry; - - (void) snprintf (src_name, src_len, "%s/%s", src->full_path, ent->d_name); - (void) snprintf (dst_name, dst_len, "%s/%s", dst->full_path, ent->d_name); src_entry.full_path = src_name; src_entry.dirfd = dirfd(dir); @@ -356,9 +339,10 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info * err = copy_entry(&src_entry, &dst_entry, reset_selinux, old_uid, new_uid, old_gid, new_gid); + + free(dst_name); skip: - free (src_name); - free (dst_name); + free(src_name); } (void) closedir (dir); (void) close (dst_fd); @@ -625,12 +609,11 @@ static int copy_symlink (const struct path_info *src, const struct path_info *ds * directory. */ if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) { - size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1; - char *dummy = XMALLOC(len, char); - (void) snprintf (dummy, len, "%s%s", - dst_orig, - oldlink + strlen (src_orig)); - free (oldlink); + char *dummy; + + if (asprintf(&dummy, "%s%s", dst_orig, oldlink + strlen(src_orig)) == -1) + exit(EXIT_FAILURE); + free(oldlink); oldlink = dummy; } @@ -20,6 +20,8 @@ #include "prototypes.h" #include "defines.h" #include "shadowlog.h" + + /* * NEWENVP_STEP must be a power of two. This is the number * of (char *) pointers to allocate at a time, to avoid using @@ -67,16 +69,12 @@ void initenv (void) void addenv (const char *string, /*@null@*/const char *value) { - char *cp, *newstring; - size_t i; - size_t n; + char *cp, *newstring; + size_t i, n; if (NULL != value) { - size_t len = strlen (string) + strlen (value) + 2; - int wlen; - newstring = XMALLOC(len, char); - wlen = snprintf (newstring, len, "%s=%s", string, value); - assert (wlen == (int) len -1); + if (asprintf(&newstring, "%s=%s", string, value) == -1) + exit(EXIT_FAILURE); } else { newstring = xstrdup (string); } @@ -88,7 +86,7 @@ void addenv (const char *string, /*@null@*/const char *value) cp = strchr (newstring, '='); if (NULL == cp) { - free (newstring); + free(newstring); return; } @@ -105,7 +103,7 @@ void addenv (const char *string, /*@null@*/const char *value) } if (i < newenvc) { - free (newenvp[i]); + free(newenvp[i]); newenvp[i] = newstring; return; } diff --git a/lib/getdef.c b/lib/getdef.c index 7fe6cefb..585e8244 100644 --- a/lib/getdef.c +++ b/lib/getdef.c @@ -26,6 +26,7 @@ #include "getdef.h" #include "shadowlog_internal.h" + /* * A configuration item definition. */ @@ -444,21 +445,14 @@ out: void setdef_config_file (const char* file) { #ifdef USE_ECONF - size_t len; - char* cp; - - len = strlen(file) + strlen(sysconfdir) + 2; - cp = MALLOC(len, char); - if (cp == NULL) - exit (13); - snprintf(cp, len, "%s/%s", file, sysconfdir); + char *cp; + + if (asprintf(&cp, "%s/%s", file, sysconfdir) == -1) + exit(13); sysconfdir = cp; #ifdef VENDORDIR - len = strlen(file) + strlen(vendordir) + 2; - cp = MALLOC(len, char); - if (cp == NULL) - exit (13); - snprintf(cp, len, "%s/%s", file, vendordir); + if (asprintf(&cp, "%s/%s", file, vendordir) == -1) + exit(13); vendordir = cp; #endif #else diff --git a/lib/groupio.c b/lib/groupio.c index abad2cbf..d9d9823b 100644 --- a/lib/groupio.c +++ b/lib/groupio.c @@ -22,6 +22,7 @@ #include "getdef.h" #include "groupio.h" + static /*@null@*/struct commonio_entry *merge_group_entries ( /*@null@*/ /*@returned@*/struct commonio_entry *gr1, /*@null@*/struct commonio_entry *gr2); @@ -300,12 +301,13 @@ static /*@null@*/struct commonio_entry *merge_group_entries ( /*@null@*/ /*@returned@*/struct commonio_entry *gr1, /*@null@*/struct commonio_entry *gr2) { - struct group *gptr1; - struct group *gptr2; - char **new_members; - size_t members = 0; - char *new_line; - size_t new_line_len, i; + char *new_line; + char **new_members; + size_t i; + size_t members = 0; + struct group *gptr1; + struct group *gptr2; + if (NULL == gr2 || NULL == gr1) { errno = EINVAL; return NULL; @@ -319,12 +321,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries ( } /* Concatenate the 2 lines */ - new_line_len = strlen (gr1->line) + strlen (gr2->line) +1; - new_line = MALLOC(new_line_len + 1, char); - if (NULL == new_line) { + if (asprintf(&new_line, "%s\n%s", gr1->line, gr2->line) == -1) return NULL; - } - snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line); /* Concatenate the 2 list of members */ for (i=0; NULL != gptr1->gr_mem[i]; i++); @@ -343,7 +341,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries ( } new_members = CALLOC (members + 1, char *); if (NULL == new_members) { - free (new_line); + free(new_line); return NULL; } for (i=0; NULL != gptr1->gr_mem[i]; i++) { @@ -35,22 +35,19 @@ void mailcheck (void) */ mailbox = getenv ("MAILDIR"); if (NULL != mailbox) { - char *newmail; - size_t len = strlen (mailbox) + 5; - int wlen; + char *newmail; - newmail = XMALLOC(len, char); - wlen = snprintf (newmail, len, "%s/new", mailbox); - assert (wlen == (int) len - 1); + if (asprintf(&newmail, "%s/new", mailbox) == -1) + exit(EXIT_FAILURE); if (stat (newmail, &statbuf) != -1 && statbuf.st_size != 0) { if (statbuf.st_mtime > statbuf.st_atime) { - free (newmail); + free(newmail); (void) puts (_("You have new mail.")); return; } } - free (newmail); + free(newmail); } mailbox = getenv ("MAIL"); diff --git a/lib/prefix_flag.c b/lib/prefix_flag.c index adab9974..7e143307 100644 --- a/lib/prefix_flag.c +++ b/lib/prefix_flag.c @@ -29,6 +29,7 @@ #include "getdef.h" #include "shadowlog.h" + static char *passwd_db_file = NULL; static char *spw_db_file = NULL; static char *group_db_file = NULL; @@ -104,50 +105,43 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char ** log_get_progname()); exit (E_BAD_ARG); } - size_t len; - len = strlen(prefix) + strlen(PASSWD_FILE) + 2; - passwd_db_file = XMALLOC(len, char); - snprintf(passwd_db_file, len, "%s/%s", prefix, PASSWD_FILE); + + if (asprintf(&passwd_db_file, "%s/%s", prefix, PASSWD_FILE) == -1) + exit(EXIT_FAILURE); pw_setdbname(passwd_db_file); - len = strlen(prefix) + strlen(GROUP_FILE) + 2; - group_db_file = XMALLOC(len, char); - snprintf(group_db_file, len, "%s/%s", prefix, GROUP_FILE); + if (asprintf(&group_db_file, "%s/%s", prefix, GROUP_FILE) == -1) + exit(EXIT_FAILURE); gr_setdbname(group_db_file); #ifdef SHADOWGRP - len = strlen(prefix) + strlen(SGROUP_FILE) + 2; - sgroup_db_file = XMALLOC(len, char); - snprintf(sgroup_db_file, len, "%s/%s", prefix, SGROUP_FILE); + if (asprintf(&sgroup_db_file, "%s/%s", prefix, SGROUP_FILE) == -1) + exit(EXIT_FAILURE); sgr_setdbname(sgroup_db_file); #endif #ifdef USE_NIS __setspNIS(0); /* disable NIS for now, at least until it is properly supporting a "prefix" */ #endif - len = strlen(prefix) + strlen(SHADOW_FILE) + 2; - spw_db_file = XMALLOC(len, char); - snprintf(spw_db_file, len, "%s/%s", prefix, SHADOW_FILE); + if (asprintf(&spw_db_file, "%s/%s", prefix, SHADOW_FILE) == -1) + exit(EXIT_FAILURE); spw_setdbname(spw_db_file); #ifdef ENABLE_SUBIDS - len = strlen(prefix) + strlen("/etc/subuid") + 2; - suid_db_file = XMALLOC(len, char); - snprintf(suid_db_file, len, "%s/%s", prefix, "/etc/subuid"); + if (asprintf(&suid_db_file, "%s/%s", prefix, "/etc/subuid") == -1) + exit(EXIT_FAILURE); sub_uid_setdbname(suid_db_file); - len = strlen(prefix) + strlen("/etc/subgid") + 2; - sgid_db_file = XMALLOC(len, char); - snprintf(sgid_db_file, len, "%s/%s", prefix, "/etc/subgid"); + if (asprintf(&sgid_db_file, "%s/%s", prefix, "/etc/subgid") == -1) + exit(EXIT_FAILURE); sub_gid_setdbname(sgid_db_file); #endif #ifdef USE_ECONF setdef_config_file(prefix); #else - len = strlen(prefix) + strlen("/etc/login.defs") + 2; - def_conf_file = XMALLOC(len, char); - snprintf(def_conf_file, len, "%s/%s", prefix, "/etc/login.defs"); + if (asprintf(&def_conf_file, "%s/%s", prefix, "/etc/login.defs") == -1) + exit(EXIT_FAILURE); setdef_config_file(def_conf_file); #endif } diff --git a/lib/run_part.c b/lib/run_part.c index 3d0483d2..bd24d357 100644 --- a/lib/run_part.c +++ b/lib/run_part.c @@ -13,6 +13,7 @@ #include "run_part.h" #include "shadowlog_internal.h" + int run_part (char *script_path, const char *name, const char *action) { int pid; @@ -55,25 +56,22 @@ int run_parts (const char *directory, const char *name, const char *action) } for (n=0; n<scanlist; n++) { - int path_length; - struct stat sb; + char *s; + struct stat sb; - path_length=strlen(directory) + strlen(namelist[n]->d_name) + 2; - char *s = MALLOC(path_length, char); - if (!s) { - printf ("could not allocate memory\n"); + if (asprintf(&s, "%s/%s", directory, namelist[n]->d_name) == -1) { + fprintf(stderr, "could not allocate memory\n"); for (; n<scanlist; n++) { - free (namelist[n]); + free(namelist[n]); } - free (namelist); + free(namelist); return (1); } - snprintf (s, path_length, "%s/%s", directory, namelist[n]->d_name); execute_result = 0; if (stat (s, &sb) == -1) { perror ("stat"); - free (s); + free(s); for (; n<scanlist; n++) { free (namelist[n]); } @@ -85,7 +83,7 @@ int run_parts (const char *directory, const char *name, const char *action) execute_result = run_part (s, name, action); } - free (s); + free(s); if (execute_result!=0) { fprintf (shadow_logfd, diff --git a/lib/setupenv.c b/lib/setupenv.c index b433476c..654b7015 100644 --- a/lib/setupenv.c +++ b/lib/setupenv.c @@ -28,20 +28,18 @@ #include "getdef.h" #include "shadowlog.h" + #ifndef USE_PAM static void addenv_path (const char *varname, const char *dirname, const char *filename) { - char *buf; - size_t len = strlen (dirname) + strlen (filename) + 2; - int wlen; + char *buf; - buf = XMALLOC(len, char); - wlen = snprintf (buf, len, "%s/%s", dirname, filename); - assert (wlen == (int) len - 1); + if (asprintf(&buf, "%s/%s", dirname, filename) == -1) + exit(EXIT_FAILURE); addenv (varname, buf); - free (buf); + free(buf); } static void read_env_file (const char *filename) diff --git a/src/useradd.c b/src/useradd.c index fe62a051..3638211e 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -64,6 +64,7 @@ #endif #include "shadowlog.h" + #ifndef SKEL_DIR #define SKEL_DIR "/etc/skel" #endif @@ -328,21 +329,14 @@ static void fail_exit (int code) */ static void get_defaults (void) { - FILE *fp; - char *default_file = USER_DEFAULTS_FILE; - char buf[1024]; - char *cp; + FILE *fp; + char *default_file = USER_DEFAULTS_FILE; + char buf[1024]; + char *cp; if (prefix[0]) { - size_t len; - int wlen; - - len = strlen(prefix) + strlen(USER_DEFAULTS_FILE) + 2; - default_file = MALLOC(len, char); - if (default_file == NULL) - return; - wlen = snprintf(default_file, len, "%s/%s", prefix, USER_DEFAULTS_FILE); - assert (wlen == (int) len -1); + if (asprintf(&default_file, "%s/%s", prefix, USER_DEFAULTS_FILE) == -1) + return; } /* @@ -446,18 +440,13 @@ static void get_defaults (void) } if (prefix[0]) { - size_t len; - int wlen; - char* _def_template; /* avoid const warning */ - - len = strlen(prefix) + strlen(cp) + 2; - _def_template = XMALLOC(len, char); - wlen = snprintf(_def_template, len, "%s/%s", prefix, cp); - assert (wlen == (int) len -1); + char *_def_template; /* avoid const warning */ + + if (asprintf(&_def_template, "%s/%s", prefix, cp) == -1) + exit(EXIT_FAILURE); def_template = _def_template; - } - else { - def_template = xstrdup (cp); + } else { + def_template = xstrdup(cp); } } @@ -469,19 +458,14 @@ static void get_defaults (void) cp = USRSKELDIR; /* XXX warning: const */ } - if(prefix[0]) { - size_t len; - int wlen; - char* _def_usrtemplate; /* avoid const warning */ + if (prefix[0]) { + char *_def_usrtemplate; /* avoid const warning */ - len = strlen(prefix) + strlen(cp) + 2; - _def_usrtemplate = XMALLOC(len, char); - wlen = snprintf(_def_usrtemplate, len, "%s/%s", prefix, cp); - assert (wlen == (int) len -1); + if (asprintf(&_def_usrtemplate, "%s/%s", prefix, cp) == -1) + exit(EXIT_FAILURE); def_usrtemplate = _def_usrtemplate; - } - else { - def_usrtemplate = xstrdup (cp); + } else { + def_usrtemplate = xstrdup(cp); } } /* @@ -560,32 +544,24 @@ static int set_defaults (void) bool out_usrskel = false; bool out_create_mail_spool = false; bool out_log_init = false; - size_t len; int ret = -1; - len = strlen(prefix) + strlen(NEW_USER_FILE) + 2; - new_file = MALLOC(len, char); - if (new_file == NULL) { - fprintf (stderr, - _("%s: cannot create new defaults file: %s\n"), - Prog, strerror(errno)); + if (asprintf(&new_file, "%s%s%s", prefix, prefix[0]?"/":"", NEW_USER_FILE) == -1) + { + fprintf(stderr, _("%s: cannot create new defaults file: %s\n"), + Prog, strerror(errno)); return -1; } - wlen = snprintf(new_file, len, "%s%s%s", prefix, prefix[0]?"/":"", NEW_USER_FILE); - assert (wlen <= (int) len -1); if (prefix[0]) { - len = strlen(prefix) + strlen(USER_DEFAULTS_FILE) + 2; - default_file = MALLOC(len, char); - if (default_file == NULL) { - fprintf (stderr, - _("%s: cannot create new defaults file: %s\n"), - Prog, strerror(errno)); + if (asprintf(&default_file, "%s/%s", prefix, USER_DEFAULTS_FILE) == -1) + { + fprintf(stderr, + _("%s: cannot create new defaults file: %s\n"), + Prog, strerror(errno)); goto setdef_err; } - wlen = snprintf(default_file, len, "%s/%s", prefix, USER_DEFAULTS_FILE); - assert (wlen == (int) len -1); } new_file_dup = strdup(new_file); @@ -1604,26 +1580,19 @@ static void process_flags (int argc, char **argv) exit (E_BAD_ARG); } if (!dflg) { - char *uh; - size_t len = strlen (def_home) + strlen (user_name) + 2; - int wlen; - - uh = XMALLOC(len, char); - wlen = snprintf (uh, len, "%s/%s", def_home, user_name); - assert (wlen == (int) len -1); + char *uh; + if (asprintf(&uh, "%s/%s", def_home, user_name) == -1) + exit(EXIT_FAILURE); user_home = uh; } if (prefix[0]) { - size_t len = strlen(prefix) + strlen(user_home) + 2; - int wlen; - char* _prefix_user_home; /* to avoid const warning */ - _prefix_user_home = XMALLOC(len, char); - wlen = snprintf(_prefix_user_home, len, "%s/%s", prefix, user_home); - assert (wlen == (int) len -1); - prefix_user_home = _prefix_user_home; - } - else { + char *p_u_h; /* to avoid const warning */ + + if (asprintf(&p_u_h, "%s/%s", prefix, user_home) == -1) + exit(EXIT_FAILURE); + prefix_user_home = p_u_h; + } else { prefix_user_home = user_home; } } diff --git a/src/userdel.c b/src/userdel.c index f68b91ec..b2f64ea0 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -53,6 +53,7 @@ #endif /* ENABLE_SUBIDS */ #include "shadowlog.h" + /* * exit status values */ @@ -788,11 +789,9 @@ static int is_owner (uid_t uid, const char *path) static int remove_mailbox (void) { - const char *maildir; - char* mailfile; - int i; - int errors = 0; - size_t len; + int i, errors = 0; + char *mailfile; + const char *maildir; maildir = getdef_str ("MAIL_DIR"); #ifdef MAIL_SPOOL_DIR @@ -804,18 +803,13 @@ static int remove_mailbox (void) return 0; } - len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 2; - mailfile = XMALLOC(len, char); - if (prefix[0]) { - (void) snprintf (mailfile, len, "%s/%s/%s", - prefix, maildir, user_name); - } - else { - (void) snprintf (mailfile, len, "%s/%s", - maildir, user_name); + if (asprintf(&mailfile, "%s/%s/%s", prefix, maildir, user_name) == -1) + exit(EXIT_FAILURE); + } else { + if (asprintf(&mailfile, "%s/%s", maildir, user_name) == -1) + exit(EXIT_FAILURE); } - mailfile[len-1] = '\0'; if (access (mailfile, F_OK) != 0) { if (ENOENT == errno) { @@ -911,22 +905,19 @@ static int remove_mailbox (void) #ifdef WITH_TCB static int remove_tcbdir (const char *user_name, uid_t user_id) { - char *buf; - int ret = 0; - size_t buflen = (sizeof TCB_DIR) + strlen (user_name) + 2; + int ret = 0; + char *buf; if (!getdef_bool ("USE_TCB")) { return 0; } - buf = MALLOC(buflen, char); - if (NULL == buf) { - fprintf (stderr, _("%s: Can't allocate memory, " - "tcb entry for %s not removed.\n"), - Prog, user_name); + if (asprintf(&buf, TCB_DIR "/%s", user_name) == -1) { + fprintf(stderr, + _("%s: Can't allocate memory, tcb entry for %s not removed.\n"), + Prog, user_name); return 1; } - snprintf (buf, buflen, TCB_DIR "/%s", user_name); if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { fprintf (stderr, _("%s: Cannot drop privileges: %s\n"), Prog, strerror (errno)); @@ -1128,15 +1119,10 @@ int main (int argc, char **argv) user_gid = pwd->pw_gid; if (prefix[0]) { - - size_t len = strlen(prefix) + strlen(pwd->pw_dir) + 2; - int wlen; - user_home = XMALLOC(len, char); - wlen = snprintf(user_home, len, "%s/%s", prefix, pwd->pw_dir); - assert (wlen == (int) len -1); - } - else { - user_home = xstrdup (pwd->pw_dir); + if (asprintf(&user_home, "%s/%s", prefix, pwd->pw_dir) == -1) + exit(EXIT_FAILURE); + } else { + user_home = xstrdup(pwd->pw_dir); } pw_close(); } diff --git a/src/usermod.c b/src/usermod.c index 7d9e661d..693c94a3 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -59,6 +59,7 @@ #endif #include "shadowlog.h" + /* * exit status values * for E_GRP_UPDATE and E_NOSPACE (not used yet), other update requests @@ -1265,16 +1266,14 @@ static void process_flags (int argc, char **argv) user_newgid = user_gid; } if (prefix[0]) { - size_t len = strlen(prefix) + strlen(user_home) + 2; - int wlen; - prefix_user_home = XMALLOC(len, char); - wlen = snprintf(prefix_user_home, len, "%s/%s", prefix, user_home); - assert (wlen == (int) len -1); + if (asprintf(&prefix_user_home, "%s/%s", prefix, user_home) == -1) + exit(EXIT_FAILURE); if (user_newhome) { - len = strlen(prefix) + strlen(user_newhome) + 2; - prefix_user_newhome = XMALLOC(len, char); - wlen = snprintf(prefix_user_newhome, len, "%s/%s", prefix, user_newhome); - assert (wlen == (int) len -1); + if (asprintf(&prefix_user_newhome, "%s/%s", + prefix, user_newhome) == -1) + { + exit(EXIT_FAILURE); + } } } @@ -2042,11 +2041,10 @@ static void update_faillog (void) */ static void move_mailbox (void) { - const char *maildir; - char* mailfile; - int fd; - struct stat st; - size_t size; + int fd; + char *mailfile; + const char *maildir; + struct stat st; maildir = getdef_str ("MAIL_DIR"); #ifdef MAIL_SPOOL_DIR @@ -2057,8 +2055,6 @@ static void move_mailbox (void) if (NULL == maildir) { return; } - size = strlen(prefix) + strlen(maildir) + strlen(user_name) + 3; - mailfile = XMALLOC(size, char); /* * O_NONBLOCK is to make sure open won't hang on mandatory locks. @@ -2067,12 +2063,11 @@ static void move_mailbox (void) * between stat and chown). --marekm */ if (prefix[0]) { - (void) snprintf (mailfile, size, "%s/%s/%s", - prefix, maildir, user_name); - } - else { - (void) snprintf (mailfile, size, "%s/%s", - maildir, user_name); + if (asprintf(&mailfile, "%s/%s/%s", prefix, maildir, user_name) == -1) + exit(EXIT_FAILURE); + } else { + if (asprintf(&mailfile, "%s/%s", maildir, user_name) == -1) + exit(EXIT_FAILURE); } fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0); @@ -2114,18 +2109,17 @@ static void move_mailbox (void) (void) close (fd); if (lflg) { - char* newmailfile; - size_t newsize; + char *newmailfile; - newsize = strlen(prefix) + strlen(maildir) + strlen(user_newname) + 3; - newmailfile = XMALLOC(newsize, char); if (prefix[0]) { - (void) snprintf (newmailfile, newsize, "%s/%s/%s", - prefix, maildir, user_newname); - } - else { - (void) snprintf (newmailfile, newsize, "%s/%s", - maildir, user_newname); + if (asprintf(&newmailfile, "%s/%s/%s", + prefix, maildir, user_newname) == -1) + { + exit(EXIT_FAILURE); + } + } else { + if (asprintf(&newmailfile, "%s/%s", maildir, user_newname) == -1) + exit(EXIT_FAILURE); } if ( (link (mailfile, newmailfile) != 0) || (unlink (mailfile) != 0)) { @@ -44,6 +44,7 @@ #endif /* WITH_TCB */ #include "shadowlog.h" + #define MSG_WARN_EDIT_OTHER_FILE _( \ "You have modified %s.\n"\ "You may need to modify %s for consistency.\n"\ @@ -192,16 +193,15 @@ static void vipwexit (const char *msg, int syserr, int ret) static void vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) { - const char *editor; - pid_t pid; - struct stat st1, st2; - int status; - FILE *f; - pid_t orig_pgrp, editor_pgrp = -1; - sigset_t mask, omask; + int status; + char *to_rename; + FILE *f; + pid_t pid, orig_pgrp, editor_pgrp = -1; + sigset_t mask, omask; + const char *editor; + struct stat st1, st2; /* FIXME: the following should have variable sizes */ - char filebackup[1024], fileedit[1024]; - char *to_rename; + char filebackup[1024], fileedit[1024]; snprintf (filebackup, sizeof filebackup, "%s-", file); #ifdef WITH_TCB @@ -294,7 +294,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) } else if (0 == pid) { /* use the system() call to invoke the editor so that it accepts command line args in the EDITOR and VISUAL environment vars */ - char *buf; + char *buf; /* Wait for parent to make us the foreground pgrp. */ if (orig_pgrp != -1) { @@ -304,9 +304,9 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) continue; } - buf = MALLOC(strlen(editor) + strlen(fileedit) + 2, char); - snprintf (buf, strlen (editor) + strlen (fileedit) + 2, - "%s %s", editor, fileedit); + if (asprintf(&buf, "%s %s", editor, fileedit) == -1) + exit(EXIT_FAILURE); + status = system (buf); if (-1 == status) { fprintf (stderr, _("%s: %s: %s\n"), Prog, editor, @@ -420,13 +420,11 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) if (stat (file, &st1) != 0) { vipwexit (_("failed to stat edited file"), errno, 1); } - to_rename = MALLOC(strlen(file) + 2, char); - if (NULL == to_rename) { - vipwexit (_("failed to allocate memory"), errno, 1); - } - snprintf (to_rename, strlen (file) + 2, "%s+", file); + if (asprintf(&to_rename, "%s+", file) == -1) + vipwexit (_("asprintf(3) failed"), errno, 1); + if (create_backup_file (f, to_rename, &st1) != 0) { - free (to_rename); + free(to_rename); vipwexit (_("failed to create backup file"), errno, 1); } (void) fclose (f); @@ -444,7 +442,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) Prog, file, strerror (errno), to_rename); #ifdef WITH_TCB if (tcb_mode) { - free (to_rename); + free(to_rename); } #endif /* WITH_TCB */ vipwexit (0, 0, 1); @@ -452,7 +450,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) #ifdef WITH_TCB if (tcb_mode) { - free (to_rename); + free(to_rename); if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) { vipwexit (_("failed to gain privileges"), errno, 1); } |