emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Use safer allocation macros

Browse Source 
Use of these macros, apart from the benefits mentioned in the commit
that adds the macros, has some other good side effects:

-  Consistency in getting the size of the object from sizeof(type),
   instead of a mix of sizeof(type) sometimes and sizeof(*p) other
   times.

-  More readable code: no casts, and no sizeof(), so also shorter lines
   that we don't need to cut.

-  Consistency in using array allocation calls for allocations of arrays
   of objects, even when the object size is 1.

Cc: Valentin V. Bartenev <vbartenev@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
This commit is contained in:
Alejandro Colomar
2023-02-04 22:41:18 +01:00
committed by Serge Hallyn
parent 6e58c12752
commit efbbcade43
44 changed files with 196 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libmisc/addgrps.c
View File

@@ -17,6 +17,8 @@
#include <stdio.h>
#include <grp.h>
#include <errno.h>
#include "alloc.h"
#include "shadowlog.h"
#ident "$Id$"
@@ -46,7 +48,7 @@ int add_groups (const char *list)
i = 16;
for (;;) {
grouplist = (gid_t *) mallocarray (i, sizeof (GETGROUPS_T));
grouplist = MALLOCARRAY (i, GETGROUPS_T);
if (NULL == grouplist) {
return -1;
}
@@ -88,7 +90,7 @@ int add_groups (const char *list)
fputs (_("Warning: too many groups\n"), shadow_logfd);
break;
}
grouplist = (gid_t *) reallocarrayf (grouplist, (size_t)ngroups + 1, sizeof (GETGROUPS_T));
grouplist = REALLOCARRAYF(grouplist, (size_t) ngroups + 1, GETGROUPS_T);
if (grouplist == NULL) {
return -1;
}

5
libmisc/agetpass.c
View File

@@ -15,6 +15,7 @@
#ident "$Id$"
#include "alloc.h"
#include "prototypes.h"
@@ -46,7 +47,7 @@
* through malloc(3). This makes the function thread-safe, and
* also reduces the visibility of the buffer.
*
* - agetpass() doesn't call realloc(3) internally. Some
* - agetpass() doesn't reallocate internally. Some
* implementations of getpass(3), such as glibc, do that, as a
* consequence of calling getline(3). That's a bug in glibc,
* which allows leaking prefixes of passwords in freed memory.
@@ -101,7 +102,7 @@ agetpass(const char *prompt)
* Let's add one more byte, and if the password uses it, it
* means the introduced password was longer than PASS_MAX.
*/
pass = malloc(PASS_MAX + 2);
pass = MALLOCARRAY(PASS_MAX + 2, char);
if (pass == NULL)
return NULL;

12
libmisc/copydir.c
View File

@@ -228,7 +228,7 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c
return NULL;
}
lp = (struct link_name *) xmalloc (sizeof *lp);
lp = XMALLOC (struct link_name);
src_len = strlen (src_orig);
dst_len = strlen (dst_orig);
name_len = strlen (name);
@@ -236,7 +236,7 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c
lp->ln_ino = sb->st_ino;
lp->ln_count = sb->st_nlink;
len = name_len - src_len + dst_len + 1;
lp->ln_name = (char *) xmalloc (len);
lp->ln_name = XMALLOCARRAY (len, char);
(void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
lp->ln_next = links;
links = lp;
@@ -326,8 +326,8 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info *
src_len += strlen (src->full_path);
dst_len += strlen (dst->full_path);
src_name = (char *) malloc (src_len);
dst_name = (char *) malloc (dst_len);
src_name = MALLOCARRAY (src_len, char);
dst_name = MALLOCARRAY (dst_len, char);
if ((NULL == src_name) || (NULL == dst_name)) {
err = -1;
@@ -561,7 +561,7 @@ static /*@null@*/char *readlink_malloc (const char *filename)
while (true) {
ssize_t nchars;
char *buffer = (char *) malloc (size);
char *buffer = MALLOCARRAY (size, char);
if (NULL == buffer) {
return NULL;
}
@@ -626,7 +626,7 @@ static int copy_symlink (const struct path_info *src, const struct path_info *ds
*/
if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
char *dummy = (char *) xmalloc (len);
char *dummy = XMALLOCARRAY (len, char);
(void) snprintf (dummy, len, "%s%s",
dst_orig,
oldlink + strlen (src_orig));

7
libmisc/env.c
View File

@@ -60,7 +60,7 @@ static const char *const noslash[] = {
*/
void initenv (void)
{
newenvp = (char **) xmallocarray (NEWENVP_STEP, sizeof (char *));
newenvp = XMALLOCARRAY (NEWENVP_STEP, char *);
*newenvp = NULL;
}
@@ -74,7 +74,7 @@ void addenv (const char *string, /*@null@*/const char *value)
if (NULL != value) {
size_t len = strlen (string) + strlen (value) + 2;
int wlen;
newstring = xmalloc (len);
newstring = XMALLOCARRAY (len, char);
wlen = snprintf (newstring, len, "%s=%s", string, value);
assert (wlen == (int) len -1);
} else {
@@ -135,8 +135,7 @@ void addenv (const char *string, /*@null@*/const char *value)
* happily go on, else print a message.
*/
__newenvp = (char **) reallocarray (newenvp, newenvc + NEWENVP_STEP,
sizeof (char *));
__newenvp = REALLOCARRAY(newenvp, newenvc + NEWENVP_STEP, char *);
if (NULL != __newenvp) {
/*

3
libmisc/find_new_gid.c
View File

@@ -12,6 +12,7 @@
#include <stdio.h>
#include <errno.h>
#include "alloc.h"
#include "prototypes.h"
#include "groupio.h"
#include "getdef.h"
@@ -231,7 +232,7 @@ int find_new_gid (bool sys_group,
*/
/* Create an array to hold all of the discovered GIDs */
used_gids = calloc (gid_max + 1, sizeof (bool));
used_gids = CALLOC (gid_max + 1, bool);
if (NULL == used_gids) {
fprintf (log_get_logfd(),
_("%s: failed to allocate memory: %s\n"),

3
libmisc/find_new_uid.c
View File

@@ -12,6 +12,7 @@
#include <stdio.h>
#include <errno.h>
#include "alloc.h"
#include "prototypes.h"
#include "pwio.h"
#include "getdef.h"
@@ -231,7 +232,7 @@ int find_new_uid(bool sys_user,
*/
/* Create an array to hold all of the discovered UIDs */
used_uids = mallocarray (uid_max + 1, sizeof (bool));
used_uids = MALLOCARRAY (uid_max + 1, bool);
if (NULL == used_uids) {
fprintf (log_get_logfd(),
_("%s: failed to allocate memory: %s\n"),

6
libmisc/idmapping.c
View File

@@ -11,6 +11,8 @@
#include <limits.h>
#include <stdlib.h>
#include <stdio.h>
#include "alloc.h"
#include "prototypes.h"
#include "stpeprintf.h"
#include "idmapping.h"
@@ -44,7 +46,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
return NULL;
}
mappings = calloc(ranges, sizeof(*mappings));
mappings = CALLOC(ranges, struct map_range);
if (!mappings) {
fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
log_get_progname());
@@ -189,7 +191,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
#endif
bufsize = ranges * ((ULONG_DIGITS + 1) * 3);
pos = buf = xmalloc(bufsize);
pos = buf = XMALLOCARRAY(bufsize, char);
end = buf + bufsize;
/* Build the mapping command */

10
libmisc/list.c
View File

@@ -11,6 +11,8 @@
#ident "$Id$"
#include <assert.h>
#include "alloc.h"
#include "prototypes.h"
#include "defines.h"
/*
@@ -44,7 +46,7 @@
* old entries, and the new entries as well.
*/
tmp = (char **) xmallocarray (i + 2, sizeof member);
tmp = XMALLOCARRAY (i + 2, char *);
/*
* Copy the original list to the new list, then append the
@@ -98,7 +100,7 @@
* old entries.
*/
tmp = (char **) xmallocarray (j + 1, sizeof member);
tmp = XMALLOCARRAY (j + 1, char *);
/*
* Copy the original list except the deleted members to the
@@ -133,7 +135,7 @@
for (i = 0; NULL != list[i]; i++);
tmp = (char **) xmallocarray (i + 1, sizeof (char *));
tmp = XMALLOCARRAY (i + 1, char *);
i = 0;
while (NULL != *list) {
@@ -210,7 +212,7 @@ bool is_on_list (char *const *list, const char *member)
* Allocate the array we're going to store the pointers into.
*/
array = (char **) xmallocarray (i, sizeof (char *));
array = XMALLOCARRAY (i, char *);
/*
* Empty list is special - 0 members, not 1 empty member. --marekm

4
libmisc/loginprompt.c
View File

@@ -15,6 +15,8 @@
#include <stdio.h>
#include <signal.h>
#include <ctype.h>
#include "alloc.h"
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
@@ -130,7 +132,7 @@ void login_prompt (const char *prompt, char *name, int namesize)
envp[envc] = nvar;
} else {
size_t len = strlen (nvar) + 32;
envp[envc] = xmalloc (len);
envp[envc] = XMALLOCARRAY (len, char);
(void) snprintf (envp[envc], len,
"L%d=%s", count++, nvar);
}

3
libmisc/mail.c
View File

@@ -15,6 +15,7 @@
#include <stdio.h>
#include <string.h>
#include "alloc.h"
#include "getdef.h"
#ident "$Id$"
@@ -38,7 +39,7 @@ void mailcheck (void)
size_t len = strlen (mailbox) + 5;
int wlen;
newmail = xmalloc (len);
newmail = XMALLOCARRAY (len, char);
wlen = snprintf (newmail, len, "%s/new", mailbox);
assert (wlen == (int) len - 1);

4
libmisc/obscure.c
View File

@@ -21,6 +21,8 @@
*/
#include <ctype.h>
#include <stdio.h>
#include "alloc.h"
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
@@ -158,7 +160,7 @@ static /*@observer@*//*@null@*/const char *password_check (
newmono = str_lower (xstrdup (new));
oldmono = str_lower (xstrdup (old));
wrapped = xmalloc (strlen (oldmono) * 2 + 1);
wrapped = XMALLOCARRAY (strlen (oldmono) * 2 + 1, char);
strcpy (wrapped, oldmono);
strcat (wrapped, oldmono);

4
libmisc/pam_pass_non_interactive.c
View File

@@ -14,6 +14,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <security/pam_appl.h>
#include "alloc.h"
#include "prototypes.h"
#include "shadowlog.h"
@@ -43,7 +45,7 @@ static int ni_conv (int num_msg,
return PAM_CONV_ERR;
}
responses = (struct pam_response *) calloc (num_msg, sizeof (*responses));
responses = CALLOC (num_msg, struct pam_response);
if (NULL == responses) {
return PAM_CONV_ERR;
}

16
libmisc/prefix_flag.c
View File

@@ -11,7 +11,9 @@
#include <stdio.h>
#include <assert.h>
#include "defines.h"
#include "alloc.h"
#include "prototypes.h"
/*@-exitarg@*/
#include "exitcodes.h"
@@ -95,18 +97,18 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
}
size_t len;
len = strlen(prefix) + strlen(PASSWD_FILE) + 2;
passwd_db_file = xmalloc(len);
passwd_db_file = XMALLOCARRAY(len, char);
snprintf(passwd_db_file, len, "%s/%s", prefix, PASSWD_FILE);
pw_setdbname(passwd_db_file);
len = strlen(prefix) + strlen(GROUP_FILE) + 2;
group_db_file = xmalloc(len);
group_db_file = XMALLOCARRAY(len, char);
snprintf(group_db_file, len, "%s/%s", prefix, GROUP_FILE);
gr_setdbname(group_db_file);
#ifdef SHADOWGRP
len = strlen(prefix) + strlen(SGROUP_FILE) + 2;
sgroup_db_file = xmalloc(len);
sgroup_db_file = XMALLOCARRAY(len, char);
snprintf(sgroup_db_file, len, "%s/%s", prefix, SGROUP_FILE);
sgr_setdbname(sgroup_db_file);
#endif
@@ -115,18 +117,18 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
#endif
len = strlen(prefix) + strlen(SHADOW_FILE) + 2;
spw_db_file = xmalloc(len);
spw_db_file = XMALLOCARRAY(len, char);
snprintf(spw_db_file, len, "%s/%s", prefix, SHADOW_FILE);
spw_setdbname(spw_db_file);
#ifdef ENABLE_SUBIDS
len = strlen(prefix) + strlen("/etc/subuid") + 2;
suid_db_file = xmalloc(len);
suid_db_file = XMALLOCARRAY(len, char);
snprintf(suid_db_file, len, "%s/%s", prefix, "/etc/subuid");
sub_uid_setdbname(suid_db_file);
len = strlen(prefix) + strlen("/etc/subgid") + 2;
sgid_db_file = xmalloc(len);
sgid_db_file = XMALLOCARRAY(len, char);
snprintf(sgid_db_file, len, "%s/%s", prefix, "/etc/subgid");
sub_gid_setdbname(sgid_db_file);
#endif
@@ -135,7 +137,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
setdef_config_file(prefix);
#else
len = strlen(prefix) + strlen("/etc/login.defs") + 2;
def_conf_file = xmalloc(len);
def_conf_file = XMALLOCARRAY(len, char);
snprintf(def_conf_file, len, "%s/%s", prefix, "/etc/login.defs");
setdef_config_file(def_conf_file);
#endif

4
libmisc/setupenv.c
View File

@@ -20,6 +20,8 @@
#include <sys/stat.h>
#include <stdio.h>
#include <ctype.h>
#include "alloc.h"
#include "prototypes.h"
#include "defines.h"
#include <pwd.h>
@@ -34,7 +36,7 @@ addenv_path (const char *varname, const char *dirname, const char *filename)
size_t len = strlen (dirname) + strlen (filename) + 2;
int wlen;
buf = xmalloc (len);
buf = XMALLOCARRAY (len, char);
wlen = snprintf (buf, len, "%s/%s", dirname, filename);
assert (wlen == (int) len - 1);

10
libmisc/utmp.c
View File

@@ -20,6 +20,8 @@
#include <netdb.h>
#include <stdio.h>
#include "alloc.h"
#ident "$Id$"
@@ -93,7 +95,7 @@ static bool is_my_tty (const char *tty)
}
if (NULL != ut) {
ret = (struct utmp *) xmalloc (sizeof (*ret));
ret = XMALLOC (struct utmp);
memcpy (ret, ut, sizeof (*ret));
}
@@ -158,12 +160,12 @@ static void updwtmp (const char *filename, const struct utmp *ut)
if ( (NULL != host)
&& ('\0' != host[0])) {
hostname = (char *) xmalloc (strlen (host) + 1);
hostname = XMALLOCARRAY (strlen (host) + 1, char);
strcpy (hostname, host);
#ifdef HAVE_STRUCT_UTMP_UT_HOST
} else if ( (NULL != ut)
&& ('\0' != ut->ut_host[0])) {
hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1);
hostname = XMALLOCARRAY (sizeof (ut->ut_host) + 1, char);
strncpy (hostname, ut->ut_host, sizeof (ut->ut_host));
hostname[sizeof (ut->ut_host)] = '\0';
#endif /* HAVE_STRUCT_UTMP_UT_HOST */
@@ -174,7 +176,7 @@ static void updwtmp (const char *filename, const struct utmp *ut)
}
utent = (struct utmp *) xcalloc (1, sizeof (*utent));
utent = XCALLOC (1, struct utmp);
#ifdef HAVE_STRUCT_UTMP_UT_TYPE

6
libmisc/xgetXXbyYY.c
View File

@@ -30,6 +30,8 @@
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include "alloc.h"
#include "prototypes.h"
#include "shadowlog.h"
@@ -50,7 +52,7 @@
/* we have to start with something */
size_t length = 0x100;
result = malloc(sizeof(LOOKUP_TYPE));
result = MALLOC(LOOKUP_TYPE);
if (NULL == result) {
fprintf (log_get_logfd(), _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
@@ -60,7 +62,7 @@
while (true) {
int status;
LOOKUP_TYPE *resbuf = NULL;
buffer = (char *)xreallocarray (buffer, length, sizeof(char));
buffer = XREALLOCARRAY (buffer, length, char);
status = REENTRANT_NAME(ARG_NAME, result, buffer,
length, &resbuf);
if ((0 == status) && (resbuf == result)) {