Ticket #600: 0001-Add-missing-strdup-return-value-checks.patch

File 0001-Add-missing-strdup-return-value-checks.patch, 2.9 KB (added by Steffan Karger, 9 years ago)

  • src/openvpn/cryptoapi.c 

    From 70766a12dcdd2480fe12194e2ce58aaa12fdc801 Mon Sep 17 00:00:00 2001
From: Steffan Karger <steffan@karger.me>
Date: Wed, 26 Aug 2015 00:25:05 +0200
Subject: [PATCH] Add missing strdup() return value checks

As reported by Bill Parker in trac #600, strdup() return values are not
always correctly checked for failed allocations.  This patch adds missing
checks.

Note that in misc.c and options.c, the check is after the dirname() or
basename() call, because these can deal with NULL params and we need to
keep MSVC happy with its ancient no-declaration-after-statement policy.

Signed-off-by: Steffan Karger <steffan@karger.me>
---
 src/openvpn/cryptoapi.c    | 1 +
 src/openvpn/init.c         | 1 +
 src/openvpn/misc.c         | 1 +
 src/openvpn/options.c      | 1 +
 src/openvpn/ssl_polarssl.c | 1 +
 5 files changed, 5 insertions(+)

diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index b7fc11e..62f30be 100644
    a b static char *ms_error_text(DWORD ms_err) 
    127127                    break;
    128128            }
    129129    }
     130    check_malloc_return(rv);
    130131    return rv;
    131132}
    132133

  • src/openvpn/init.c 

    diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index b7c153b..0809cc7 100644
    a b init_options_dev (struct options *options) 
    817817{
    818818  if (!options->dev && options->dev_node) {
    819819    char *dev_node = strdup(options->dev_node); /* POSIX basename() implementaions may modify its arguments */
     820    check_malloc_return(dev_node);
    820821    options->dev = basename (dev_node);
    821822  }
    822823}

  • src/openvpn/misc.c 

    diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index a5bad0d..b543b65 100644
    a b argv_extract_cmd_name (const char *path) 
    16081608    {
    16091609      char *path_cp = strdup(path); /* POSIX basename() implementaions may modify its arguments */
    16101610      const char *bn = basename (path_cp);
     1611      check_malloc_return(path_cp);
    16111612      if (bn)
    16121613        {
    16131614          char *ret = string_alloc (bn, NULL);

  • src/openvpn/options.c 

    diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 2784580..dba7c9d 100644
    a b check_file_access(const int type, const char *file, const int mode, const char * 
    25882588    {
    25892589      char *fullpath = strdup(file);  /* POSIX dirname() implementaion may modify its arguments */
    25902590      char *dirpath = dirname(fullpath);
     2591      check_malloc_return(fullpath);
    25912592
    25922593      if (platform_access (dirpath, mode|X_OK) != 0)
    25932594          errcode = errno;

  • src/openvpn/ssl_polarssl.c 

    diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c
index 3fc811e..673dbbe 100644
    a b tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) 
    198198  /* Parse allowed ciphers, getting IDs */
    199199  i = 0;
    200200  tmp_ciphers_orig = tmp_ciphers = strdup(ciphers);
     201  check_malloc_return(tmp_ciphers);
    201202
    202203  token = strtok (tmp_ciphers, ":");
    203204  while(token)