authorLennart Poettering <lennart@poettering.net>2012-09-20 11:08:27 +0200
committerLennart Poettering <lennart@poettering.net>2012-09-20 11:08:27 +0200
commit040f18ea8a682dc80c9f3940cf234ccd1135e115 (patch)
treeb5d831d28dda6d16e951c4b08dafbbbf0b7915eb
parent4b8772bf5f2887aa2bdb74efa2f5dfd40fff946d (diff)
util: overflow hardening
-rw-r--r--TODO2
-rw-r--r--src/shared/util.c16
-rw-r--r--src/shared/util.h2
3 files changed, 15 insertions, 5 deletions
diff --git a/TODO b/TODO
index 573a9534f9..4a7fbb96ac 100644
--- a/TODO
+++ b/TODO
@@ -17,6 +17,8 @@ F18:
* Retest multi-seat
+* file bugs against KDE/... to take the new key inhibitor locks
+
Features:
* instantiated [Install] for target units
diff --git a/src/shared/util.c b/src/shared/util.c
index b48bad4c46..02ee6374c3 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1184,8 +1184,11 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
assert(suffix);
a = strlen(s);
+ if ((size_t) -1 - a > b)
+ return NULL;
- if (!(r = new(char, a+b+1)))
+ r = new(char, a+b+1);
+ if (!r)
return NULL;
memcpy(r, s, a);
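Review bot: The added guard in strnappend() is inverted: `(size_t) -1 - a > b` is true exactly when `a+b+1` fits in a size_t, so the function now returns NULL for ordinary inputs and reaches the allocation only when the size computation wraps. In that case `new(char, a+b+1)` is asked for a too-small buffer and the `memcpy(r, s, a)` that follows writes past it. The check should reject the overflowing case and leave room for the terminator, e.g. `if (b >= ((size_t) -1) - a) return NULL;`. The strjoin() hunk in this same commit writes its comparison in the rejecting direction, so the two checks disagree. The function body starts and ends outside the hunk.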
@@ -5014,12 +5017,17 @@ char *strjoin(const char *x, ...) {
for (;;) {
const char *t;
+ size_t n;
t = va_arg(ap, const char *);
if (!t)
break;
- l += strlen(t);
+ n = strlen(t);
+ if (n > ((size_t) -1) - l)
+ return NULL;
+
+ l += n;
}
} else
l = 0;
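Review bot: The new `return NULL` inside the `va_arg` loop of strjoin() exits without a matching `va_end(ap)`. The `va_start`/`va_end` pair is outside the hunk, so this is inferred from the loop reading `ap`. Returning between va_start and va_end is undefined behaviour in C, even where common ABIs tolerate it, so the error path should be `if (n > ((size_t) -1) - l) { va_end(ap); return NULL; }`. It is also worth confirming that the allocation after the loop, not visible here, cannot wrap when it adds the trailing NUL to `l`.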
@@ -5291,7 +5299,7 @@ int signal_from_string(const char *s) {
int offset = 0;
unsigned u;
- signo =__signal_from_string(s);
+ signo = __signal_from_string(s);
if (signo > 0)
return signo;
@@ -5683,7 +5691,7 @@ void warn_melody(void) {
if (fd < 0)
return;
- /* Yeah, this is synchronous. Kinda sucks. Bute well... */
+ /* Yeah, this is synchronous. Kinda sucks. But well... */
ioctl(fd, KIOCSOUND, (int)(1193180/440));
usleep(125*USEC_PER_MSEC);
diff --git a/src/shared/util.h b/src/shared/util.h
index e23d706ebd..2e49cfde2e 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -551,7 +551,7 @@ _malloc_ static inline void *malloc_multiply(size_t a, size_t b) {
return malloc(a * b);
}
-static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
+_malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
if (_unlikely_(a > ((size_t) -1) / b))
return NULL;
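Review bot: Marking memdup_multiply() `_malloc_` looks too strong if that macro expands to GCC's `malloc` attribute (its definition is not in this hunk). That attribute promises that the returned storage holds no pointers to valid objects, which holds for fresh or zeroed memory but not for a byte copy of `p` when the source array contains pointers. An allocation-size attribute would be the safer annotation, or a comment restricting the helper to pointer-free data. Separately, since the commit is about overflow hardening, the context line `a > ((size_t) -1) / b` divides by zero when `b == 0`; a guard such as `if (_unlikely_(b != 0 && a > ((size_t) -1) / b))` would close that. The function body continues past the end of the hunk.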