From 70766a12dcdd2480fe12194e2ce58aaa12fdc801 Mon Sep 17 00:00:00 2001
From: Steffan Karger <steffan@karger.me>
Date: Wed, 26 Aug 2015 00:25:05 +0200
Subject: [PATCH] Add missing strdup() return value checks
As reported by Bill Parker in trac #600, strdup() return values are not
always correctly checked for failed allocations. This patch adds missing
checks.
Note that in misc.c and options.c, the check is after the dirname() or
basename() call, because these can deal with NULL params and we need to
keep MSVC happy with its ancient no-declaration-after-statement policy.
Signed-off-by: Steffan Karger <steffan@karger.me>
---
src/openvpn/cryptoapi.c | 1 +
src/openvpn/init.c | 1 +
src/openvpn/misc.c | 1 +
src/openvpn/options.c | 1 +
src/openvpn/ssl_polarssl.c | 1 +
5 files changed, 5 insertions(+)
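--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -127,6 +127,7 @@ static char *ms_error_text(DWORD ms_err)
 break;
 }
 }
+check_malloc_return(rv);
 return rv;
 }
 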
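Review bot: The added `check_malloc_return(rv);` sits after both closing braces, so it runs on every path that reaches `return rv;`, not only on the path where strdup() was called. The start of ms_error_text is outside the hunk, but if `rv` starts as NULL and stays NULL when no message text is available, this turns a missing error string into a fatal out-of-memory exit. Placing the check directly after the strdup() call would limit it to real allocation failures. If the current position is kept, a comment such as `/* rv is only NULL here if strdup() failed */` should record the invariant.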
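--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -817,6 +817,7 @@ init_options_dev (struct options *options)
 {
 if (!options->dev && options->dev_node) {
 char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */
+check_malloc_return(dev_node);
 options->dev = basename (dev_node);
 }
 }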
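Review bot: Nothing in init_options_dev frees `dev_node`, and `options->dev` is set from `basename (dev_node)`, which usually points into that buffer, so the copy has to outlive the function. That looks deliberate but is undocumented; a comment on the strdup() line such as `/* not freed: options->dev points into this copy */` would stop a later cleanup from introducing a use-after-free. If a platform's basename() returns static storage instead, the stored pointer could be overwritten by a later call, which is worth confirming.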
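--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -1608,6 +1608,7 @@ argv_extract_cmd_name (const char *path)
 {
 char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */
 const char *bn = basename (path_cp);
+check_malloc_return(path_cp);
 if (bn)
 {
 char *ret = string_alloc (bn, NULL);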
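Review bot: `check_malloc_return(path_cp);` runs only after `basename (path_cp)` has already received the possibly-NULL pointer, so correctness depends on every supported basename() implementation tolerating NULL. The check can come first without a declaration after a statement by splitting the declaration: `const char *bn;` then `check_malloc_return(path_cp);` then `bn = basename (path_cp);`. The same ordering appears in the options.c hunk (`dirname(fullpath)` before `check_malloc_return(fullpath);`) and can be handled the same way with `char *dirpath;`. argv_extract_cmd_name continues past the end of the hunk.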
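--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -2588,6 +2588,7 @@ check_file_access(const int type, const char *file, const int mode, const char *
 {
 char *fullpath = strdup(file); /* POSIX dirname() implementaion may modify its arguments */
 char *dirpath = dirname(fullpath);
+check_malloc_return(fullpath);
 
 if (platform_access (dirpath, mode|X_OK) != 0)
 errcode = errno;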
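--- a/src/openvpn/ssl_polarssl.c
+++ b/src/openvpn/ssl_polarssl.c
@@ -198,6 +198,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
 /* Parse allowed ciphers, getting IDs */
 i = 0;
 tmp_ciphers_orig = tmp_ciphers = strdup(ciphers);
+check_malloc_return(tmp_ciphers);
 
 token = strtok (tmp_ciphers, ":");
 while(token)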