Patchwork [PATCHv4,2/2] envlist.c: handle strdup failure

login
register
mail settings
Submitter Jim Meyering
Date Aug. 17, 2012, 6:24 p.m.
Message ID <1345227891-32449-3-git-send-email-jim@meyering.net>
Download mbox | patch
Permalink /patch/178313/
State New
Headers show

Comments

Jim Meyering - Aug. 17, 2012, 6:24 p.m.
From: Jim Meyering <meyering@redhat.com>

Without this, envlist_to_environ may silently fail to copy all
strings into the destination buffer, and both callers would leak
any env strings allocated after a failing strdup, because the
freeing code stops at the first NULL pointer.

Signed-off-by: Jim Meyering <meyering@redhat.com>
---
 envlist.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
Andreas Färber - Aug. 19, 2012, 1:21 p.m.
Am 17.08.2012 20:24, schrieb Jim Meyering:
> From: Jim Meyering <meyering@redhat.com>
> 
> Without this, envlist_to_environ may silently fail to copy all
> strings into the destination buffer, and both callers would leak
> any env strings allocated after a failing strdup, because the
> freeing code stops at the first NULL pointer.
> 
> Signed-off-by: Jim Meyering <meyering@redhat.com>
> ---
>  envlist.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/envlist.c b/envlist.c
> index 230596f..cf3f2d8 100644
> --- a/envlist.c
> +++ b/envlist.c
> @@ -245,8 +245,16 @@ envlist_to_environ(const envlist_t *envlist, size_t *count)
>      }
> 
>      for (entry = envlist->el_entries.lh_first; entry != NULL;
> -         entry = entry->ev_link.le_next) {
> -        *(penv++) = strdup(entry->ev_var);
> +         entry = entry->ev_link.le_next, penv++) {
> +        *penv = strdup(entry->ev_var);
> +        if (*penv == NULL) {
> +            char **e = env;
> +            while (e <= penv) {
> +                free(*e++);
> +            }
> +            free(env);
> +            return NULL;
> +        }
>      }
>      *penv = NULL; /* NULL terminate the list */
> 

Acked-by: Andreas Färber <afaerber@suse.de>

Andreas

Patch

diff --git a/envlist.c b/envlist.c
index 230596f..cf3f2d8 100644
--- a/envlist.c
+++ b/envlist.c
@@ -245,8 +245,16 @@  envlist_to_environ(const envlist_t *envlist, size_t *count)
     }

     for (entry = envlist->el_entries.lh_first; entry != NULL;
-         entry = entry->ev_link.le_next) {
-        *(penv++) = strdup(entry->ev_var);
+         entry = entry->ev_link.le_next, penv++) {
+        *penv = strdup(entry->ev_var);
+        if (*penv == NULL) {
+            char **e = env;
+            while (e <= penv) {
+                free(*e++);
+            }
+            free(env);
+            return NULL;
+        }
     }
     *penv = NULL; /* NULL terminate the list */