Clear passwords on __gr_dup/__pw_dup errors.

The functions __gr_dup and __pw_dup do not explicitly zero the
memory which hold the passwords after free. The gr_free and pw_free
functions do this explicitly.

To guarantee same behaviour, it's possible to call these *_free
functions directly from __*_dup, because the memory is initialized
with zeros at the beginning. Calling free(NULL) has no negative
effect and can be considered safe these days.
This commit is contained in:
Tobias Stoeckmann 2015-07-11 13:00:13 +02:00
parent 3c32fd4a29
commit df5dafe049
2 changed files with 9 additions and 28 deletions

View File

@ -55,15 +55,14 @@
gr->gr_name = strdup (grent->gr_name); gr->gr_name = strdup (grent->gr_name);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == gr->gr_name) { if (NULL == gr->gr_name) {
free(gr); gr_free(gr);
return NULL; return NULL;
} }
/*@-mustfreeonly@*/ /*@-mustfreeonly@*/
gr->gr_passwd = strdup (grent->gr_passwd); gr->gr_passwd = strdup (grent->gr_passwd);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == gr->gr_passwd) { if (NULL == gr->gr_passwd) {
free(gr->gr_name); gr_free(gr);
free(gr);
return NULL; return NULL;
} }
@ -73,21 +72,13 @@
gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == gr->gr_mem) { if (NULL == gr->gr_mem) {
free(gr->gr_passwd); gr_free(gr);
free(gr->gr_name);
free(gr);
return NULL; return NULL;
} }
for (i = 0; grent->gr_mem[i]; i++) { for (i = 0; grent->gr_mem[i]; i++) {
gr->gr_mem[i] = strdup (grent->gr_mem[i]); gr->gr_mem[i] = strdup (grent->gr_mem[i]);
if (NULL == gr->gr_mem[i]) { if (NULL == gr->gr_mem[i]) {
int j; gr_free(gr);
for (j=0; j<i; j++)
free(gr->gr_mem[j]);
free(gr->gr_mem);
free(gr->gr_passwd);
free(gr->gr_name);
free(gr);
return NULL; return NULL;
} }
} }

View File

@ -56,45 +56,35 @@
pw->pw_name = strdup (pwent->pw_name); pw->pw_name = strdup (pwent->pw_name);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == pw->pw_name) { if (NULL == pw->pw_name) {
free(pw); pw_free(pw);
return NULL; return NULL;
} }
/*@-mustfreeonly@*/ /*@-mustfreeonly@*/
pw->pw_passwd = strdup (pwent->pw_passwd); pw->pw_passwd = strdup (pwent->pw_passwd);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == pw->pw_passwd) { if (NULL == pw->pw_passwd) {
free(pw->pw_name); pw_free(pw);
free(pw);
return NULL; return NULL;
} }
/*@-mustfreeonly@*/ /*@-mustfreeonly@*/
pw->pw_gecos = strdup (pwent->pw_gecos); pw->pw_gecos = strdup (pwent->pw_gecos);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == pw->pw_gecos) { if (NULL == pw->pw_gecos) {
free(pw->pw_passwd); pw_free(pw);
free(pw->pw_name);
free(pw);
return NULL; return NULL;
} }
/*@-mustfreeonly@*/ /*@-mustfreeonly@*/
pw->pw_dir = strdup (pwent->pw_dir); pw->pw_dir = strdup (pwent->pw_dir);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == pw->pw_dir) { if (NULL == pw->pw_dir) {
free(pw->pw_gecos); pw_free(pw);
free(pw->pw_passwd);
free(pw->pw_name);
free(pw);
return NULL; return NULL;
} }
/*@-mustfreeonly@*/ /*@-mustfreeonly@*/
pw->pw_shell = strdup (pwent->pw_shell); pw->pw_shell = strdup (pwent->pw_shell);
/*@=mustfreeonly@*/ /*@=mustfreeonly@*/
if (NULL == pw->pw_shell) { if (NULL == pw->pw_shell) {
free(pw->pw_dir); pw_free(pw);
free(pw->pw_gecos);
free(pw->pw_passwd);
free(pw->pw_name);
free(pw);
return NULL; return NULL;
} }