author | Lennart Poettering <lennart@poettering.net> | 2012-09-20 11:08:27 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-09-20 11:08:27 +0200 |
commit | 040f18ea8a682dc80c9f3940cf234ccd1135e115 (patch) | |
tree | b5d831d28dda6d16e951c4b08dafbbbf0b7915eb | |
parent | 4b8772bf5f2887aa2bdb74efa2f5dfd40fff946d (diff) |
util: overflow hardening
-rw-r--r-- | TODO | 2 | ||||
-rw-r--r-- | src/shared/util.c | 16 | ||||
-rw-r--r-- | src/shared/util.h | 2 |
3 files changed, 15 insertions, 5 deletions
@@ -17,6 +17,8 @@ F18:
 * Retest multi-seat
+* file bugs against KDE/... to take the new key inhibitor locks
+ Features:
 * instantiated [Install] for target units
diff --git a/src/shared/util.c b/src/shared/util.c
index b48bad4c46..02ee6374c3 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1184,8 +1184,11 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
 assert(suffix);
 a = strlen(s);
+ if ((size_t) -1 - a > b)
+ return NULL;
- if (!(r = new(char, a+b+1)))
+ r = new(char, a+b+1);
+ if (!r)
 return NULL;
 memcpy(r, s, a);
@@ -5014,12 +5017,17 @@ char *strjoin(const char *x, ...) {
 for (;;) {
 const char *t;
+ size_t n;
 t = va_arg(ap, const char *);
 if (!t) break;
- l += strlen(t);
+ n = strlen(t);
+ if (n > ((size_t) -1) - l)
+ return NULL;
+
+ l += n;
 }
 } else l = 0;
@@ -5291,7 +5299,7 @@ int signal_from_string(const char *s) {
 int offset = 0;
 unsigned u;
- signo =__signal_from_string(s);
+ signo = __signal_from_string(s);
 if (signo > 0) return signo;
@@ -5683,7 +5691,7 @@ void warn_melody(void) {
 if (fd < 0) return;
- /* Yeah, this is synchronous. Kinda sucks. Bute well... */
+ /* Yeah, this is synchronous. Kinda sucks. But well... */
 ioctl(fd, KIOCSOUND, (int)(1193180/440));
 usleep(125*USEC_PER_MSEC);
diff --git a/src/shared/util.h b/src/shared/util.h
index e23d706ebd..2e49cfde2e 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -551,7 +551,7 @@ _malloc_ static inline void *malloc_multiply(size_t a, size_t b) {
 return malloc(a * b);
 }
-static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
+_malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
 if (_unlikely_(a > ((size_t) -1) / b)) return NULL; |
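Review bot: The new guard in strnappend, `if ((size_t) -1 - a > b) return NULL;`, has its comparison the wrong way round. It is true whenever a+b does not overflow, so the function returns NULL for ordinary inputs and reaches `new(char, a+b+1)` exactly when the sum wraps, after which the `memcpy(r, s, a)` below writes into an undersized buffer. The test should reject the overflowing case and leave room for the terminating byte, for example `if (b >= ((size_t) -1) - a) return NULL;`. The function starts before and continues past this hunk, so how b relates to the real suffix length is not visible here.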
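Review bot: The early `return NULL;` added inside the va_arg loop of strjoin leaves the function without calling va_end(ap). The va_start is outside the hunk, but `ap` is in use at this point, and returning with an open va_list is undefined behaviour in C. The overflow branch should close the list first: `if (n > ((size_t) -1) - l) { va_end(ap); return NULL; }`. If the allocation outside this hunk adds a terminator byte to l, it is worth confirming that this sum cannot wrap when l ends at the maximum value.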
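Review bot: Marking memdup_multiply `_malloc_` claims more than a duplicating allocator can promise. Assuming the macro expands to GCC's malloc attribute, it tells the compiler the returned storage holds no pointers to live objects, which is false when the copied buffer contains pointers; GCC's documentation excludes realloc-style functions for that reason. I would leave the attribute off this function, or add a comment stating why it holds for every caller. Separately, the visible guard `a > ((size_t) -1) / b` divides by b with no zero check, so a call with `b == 0` is a division by zero; `if (_unlikely_(b != 0 && a > ((size_t) -1) / b))` covers it. The body of memdup_multiply continues past the hunk.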