Date: Sun, 3 Dec 2000 07:25:12 -0500 From: Chris Faulhaber <jedgar@fxp.org> To: freebsd-audit@FreeBSD.org Subject: crunchgen(8) patch (again) Message-ID: <20001203072512.A86744@earth.causticlabs.com>
next in thread | raw e-mail | index | archive | help
The following patch fixes: o check strdup() return values o strcpy() -> strlcpy() o sprintf() -> snprintf() o mktemp() -> mkstemp() o use err() instead of errx() in out_of_memory() function since errno will probably be set Also, I have quite a few small patches for review at: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: crunchgen.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/crunch/crunchgen/crunchgen.c,v retrieving revision 1.17 diff -u -r1.17 crunchgen.c --- crunchgen.c 2000/11/30 21:14:54 1.17 +++ crunchgen.c 2000/12/01 13:48:30 @@ -124,7 +124,8 @@ if (p == NULL || *p == '\0') objprefix = "/usr/obj"; /* default */ else - objprefix = strdup(p); + if ((objprefix = strdup(p)) == NULL) + out_of_memory(); while((optc = getopt(argc, argv, "lh:m:c:e:p:foq")) != -1) { switch(optc) { @@ -132,11 +133,13 @@ case 'o': makeobj = 1; break; case 'q': verbose = 0; break; - case 'm': strcpy(outmkname, optarg); break; - case 'p': objprefix = strdup(optarg); break; - case 'h': strcpy(outhdrname, optarg); break; - case 'c': strcpy(outcfname, optarg); break; - case 'e': strcpy(execfname, optarg); break; + case 'm': strlcpy(outmkname, optarg, sizeof(outmkname)); break; + case 'p': if ((objprefix = strdup(optarg)) == NULL) + out_of_memory(); + break; + case 'h': strlcpy(outhdrname, optarg, sizeof(outhdrname)); break; + case 'c': strlcpy(outcfname, optarg, sizeof(outcfname)); break; + case 'e': strlcpy(execfname, optarg, sizeof(execfname)); break; case 'l': list_mode++; verbose = 0; break; case '?': @@ -153,24 +156,21 @@ * generate filenames */ - strcpy(infilename, argv[0]); + strlcpy(infilename, argv[0], sizeof(infilename)); /* confname = `basename infilename .conf` */ - if((p=strrchr(infilename, '/')) != NULL) strcpy(confname, p+1); - else strcpy(confname, infilename); + if((p=strrchr(infilename, '/')) != NULL) + strlcpy(confname, p+1, sizeof(confname)); + else strlcpy(confname, infilename, sizeof(confname)); if((p=strrchr(confname, '.')) != NULL && !strcmp(p, ".conf")) *p = '\0'; - if(!*outmkname) sprintf(outmkname, "%s.mk", confname); - if(!*outcfname) sprintf(outcfname, "%s.c", confname); - if(!*execfname) sprintf(execfname, "%s", confname); + if(!*outmkname) snprintf(outmkname, sizeof(outmkname), "%s.mk", confname); + if(!*outcfname) snprintf(outcfname, sizeof(outcfname), "%s.c", confname); + if(!*execfname) snprintf(execfname, sizeof(execfname), "%s", confname); snprintf(cachename, sizeof(cachename), "%s.cache", confname); snprintf(tempfname, sizeof(tempfname), ".tmp_%sXXXXXX", confname); - if(mktemp(tempfname) == NULL) { - perror(tempfname); - exit(1); - } parse_conf_file(); if (list_mode) @@ -232,9 +232,9 @@ FILE *cf; char line[MAXLINELEN]; - sprintf(line, "reading %s", filename); + snprintf(line, sizeof(line), "reading %s", filename); status(line); - strcpy(curfilename, filename); + strlcpy(curfilename, filename, sizeof(curfilename)); if((cf = fopen(curfilename, "r")) == NULL) { warn("%s", curfilename); @@ -526,7 +526,8 @@ if(srcparent) snprintf(line, MAXLINELEN, "%s/%s", srcparent, p->name); if(is_dir(line)) - p->srcdir = strdup(line); + if ((p->srcdir = strdup(line)) == NULL) + out_of_memory(); } if(!p->objdir && p->srcdir) { FILE *f; @@ -539,7 +540,8 @@ fgets(path,sizeof path, f); if (!pclose(f)) { if(is_dir(path)) - p->objdir = strdup(path); + if ((p->objdir = strdup(path)) == NULL) + out_of_memory(); } } } @@ -579,7 +581,7 @@ void fillin_program_objs(prog_t *p, char *path) { char *obj, *cp; - int rc; + int fd, rc; FILE *f; char *objvar="OBJS"; strlst_t *s; @@ -587,7 +589,11 @@ /* discover the objs from the srcdir Makefile */ - if((f = fopen(tempfname, "w")) == NULL) { + if((fd = mkstemp(tempfname)) == -1) { + perror(tempfname); + exit(1); + } + if((f = fdopen(fd, "w")) == NULL) { warn("%s", tempfname); goterror = 1; return; @@ -928,7 +934,7 @@ void out_of_memory(void) { - errx(1, "%s: %d: out of memory, stopping", infilename, linenum); + err(1, "%s: %d: out of memory, stopping", infilename, linenum); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001203072512.A86744>