Message ID | 20180626154638.723FE43994575@oldenburg.str.redhat.com |
---|---|
State | New |
Headers | show |
Series | wordexp: Rewrite parse_tilde to use struct scratch_buffer [BZ #18023] | expand |
On 26/06/2018 12:46, Florian Weimer wrote: > 2018-06-26 Florian Weimer <fweimer@redhat.com> > > [BZ #18023] > * posix/wordexp.c (parse_tilde): Use struct scratch_buffer > instead of extend_alloca. LGTM, thanks. > > diff --git a/posix/wordexp.c b/posix/wordexp.c > index 0b669a8f5e..7548e0329f 100644 > --- a/posix/wordexp.c > +++ b/posix/wordexp.c > @@ -17,7 +17,6 @@ > License along with the GNU C Library; if not, see > <http://www.gnu.org/licenses/>. */ > > -#include <alloca.h> > #include <ctype.h> > #include <errno.h> > #include <fcntl.h> > @@ -41,6 +40,7 @@ > #include <wchar.h> > #include <wordexp.h> > #include <kernel-features.h> > +#include <scratch_buffer.h> > > #include <libc-lock.h> > #include <_itoa.h> > @@ -299,12 +299,7 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, > if (i == 1 + *offset) > { > /* Tilde appears on its own */ > - uid_t uid; > - struct passwd pwd, *tpwd; > - int buflen = 1000; > char* home; > - char* buffer; > - int result; > > /* POSIX.2 says ~ expands to $HOME and if HOME is unset the > results are unspecified. We do a lookup on the uid if > @@ -319,25 +314,38 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, > } > else > { > - uid = __getuid (); > - buffer = __alloca (buflen); > + struct passwd pwd, *tpwd; > + uid_t uid = __getuid (); > + int result; > + struct scratch_buffer tmpbuf; > + scratch_buffer_init (&tmpbuf); > > - while ((result = __getpwuid_r (uid, &pwd, buffer, buflen, &tpwd)) != 0 > + while ((result = __getpwuid_r (uid, &pwd, > + tmpbuf.data, tmpbuf.length, > + &tpwd)) != 0 > && errno == ERANGE) > - buffer = extend_alloca (buffer, buflen, buflen + 1000); > + if (!scratch_buffer_grow (&tmpbuf)) > + return WRDE_NOSPACE; > > if (result == 0 && tpwd != NULL && pwd.pw_dir != NULL) > { > *word = w_addstr (*word, word_length, max_length, pwd.pw_dir); > if (*word == NULL) > - return WRDE_NOSPACE; > + { > + scratch_buffer_free (&tmpbuf); > + return WRDE_NOSPACE; > + } > } > else > { > *word = w_addchar (*word, word_length, max_length, '~'); > if (*word == NULL) > - return WRDE_NOSPACE; > + { > + scratch_buffer_free (&tmpbuf); > + return WRDE_NOSPACE; > + } > } > + scratch_buffer_free (&tmpbuf); > } > } > else > @@ -345,13 +353,15 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, > /* Look up user name in database to get home directory */ > char *user = strndupa (&words[1 + *offset], i - (1 + *offset)); > struct passwd pwd, *tpwd; > - int buflen = 1000; > - char* buffer = __alloca (buflen); > int result; > + struct scratch_buffer tmpbuf; > + scratch_buffer_init (&tmpbuf); > > - while ((result = __getpwnam_r (user, &pwd, buffer, buflen, &tpwd)) != 0 > + while ((result = __getpwnam_r (user, &pwd, tmpbuf.data, tmpbuf.length, > + &tpwd)) != 0 > && errno == ERANGE) > - buffer = extend_alloca (buffer, buflen, buflen + 1000); > + if (!scratch_buffer_grow (&tmpbuf)) > + return WRDE_NOSPACE; > > if (result == 0 && tpwd != NULL && pwd.pw_dir) > *word = w_addstr (*word, word_length, max_length, pwd.pw_dir); > @@ -363,6 +373,8 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, > *word = w_addstr (*word, word_length, max_length, user); > } > > + scratch_buffer_free (&tmpbuf); > + > *offset = i - 1; > } > return *word ? 0 : WRDE_NOSPACE; >
diff --git a/posix/wordexp.c b/posix/wordexp.c index 0b669a8f5e..7548e0329f 100644 --- a/posix/wordexp.c +++ b/posix/wordexp.c @@ -17,7 +17,6 @@ License along with the GNU C Library; if not, see <http://www.gnu.org/licenses/>. */ -#include <alloca.h> #include <ctype.h> #include <errno.h> #include <fcntl.h> @@ -41,6 +40,7 @@ #include <wchar.h> #include <wordexp.h> #include <kernel-features.h> +#include <scratch_buffer.h> #include <libc-lock.h> #include <_itoa.h> @@ -299,12 +299,7 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, if (i == 1 + *offset) { /* Tilde appears on its own */ - uid_t uid; - struct passwd pwd, *tpwd; - int buflen = 1000; char* home; - char* buffer; - int result; /* POSIX.2 says ~ expands to $HOME and if HOME is unset the results are unspecified. We do a lookup on the uid if @@ -319,25 +314,38 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, } else { - uid = __getuid (); - buffer = __alloca (buflen); + struct passwd pwd, *tpwd; + uid_t uid = __getuid (); + int result; + struct scratch_buffer tmpbuf; + scratch_buffer_init (&tmpbuf); - while ((result = __getpwuid_r (uid, &pwd, buffer, buflen, &tpwd)) != 0 + while ((result = __getpwuid_r (uid, &pwd, + tmpbuf.data, tmpbuf.length, + &tpwd)) != 0 && errno == ERANGE) - buffer = extend_alloca (buffer, buflen, buflen + 1000); + if (!scratch_buffer_grow (&tmpbuf)) + return WRDE_NOSPACE; if (result == 0 && tpwd != NULL && pwd.pw_dir != NULL) { *word = w_addstr (*word, word_length, max_length, pwd.pw_dir); if (*word == NULL) - return WRDE_NOSPACE; + { + scratch_buffer_free (&tmpbuf); + return WRDE_NOSPACE; + } } else { *word = w_addchar (*word, word_length, max_length, '~'); if (*word == NULL) - return WRDE_NOSPACE; + { + scratch_buffer_free (&tmpbuf); + return WRDE_NOSPACE; + } } + scratch_buffer_free (&tmpbuf); } } else @@ -345,13 +353,15 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, /* Look up user name in database to get home directory */ char *user = strndupa (&words[1 + *offset], i - (1 + *offset)); struct passwd pwd, *tpwd; - int buflen = 1000; - char* buffer = __alloca (buflen); int result; + struct scratch_buffer tmpbuf; + scratch_buffer_init (&tmpbuf); - while ((result = __getpwnam_r (user, &pwd, buffer, buflen, &tpwd)) != 0 + while ((result = __getpwnam_r (user, &pwd, tmpbuf.data, tmpbuf.length, + &tpwd)) != 0 && errno == ERANGE) - buffer = extend_alloca (buffer, buflen, buflen + 1000); + if (!scratch_buffer_grow (&tmpbuf)) + return WRDE_NOSPACE; if (result == 0 && tpwd != NULL && pwd.pw_dir) *word = w_addstr (*word, word_length, max_length, pwd.pw_dir); @@ -363,6 +373,8 @@ parse_tilde (char **word, size_t *word_length, size_t *max_length, *word = w_addstr (*word, word_length, max_length, user); } + scratch_buffer_free (&tmpbuf); + *offset = i - 1; } return *word ? 0 : WRDE_NOSPACE;