diff options
| author | Thomas Haller <thaller@redhat.com> | 2023-05-11 12:51:58 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2023-05-12 12:48:00 +0200 |
| commit | a8ba0ea4c7f236d6394fa5b7cb97a897b587eeb4 (patch) | |
| tree | f20d35964e976f2d4af68a7821b059098cf09e03 | |
| parent | 62d742625d369d2e329eab66934e0d522c07482a (diff) | |
| download | NetworkManager-a8ba0ea4c7f236d6394fa5b7cb97a897b587eeb4.tar.gz | |
libnmc: drop redundant defines for array lengths
- use G_N_ELEMENTS() macro instead of having separate defines. The separate
defines mean that when we check g_return_val_if_fail(oc_argc <= OC_ARGS_MAX, FALSE)
that we must double check that OC_ARGS_MAX is really the size of the array
that we want to check.
- replace g_return_val_if_fail() with nm_assert(). In this case, it should be
very clear by review that the buffer is indeed large enough and the assertion
holds. Use nm_assert().
- use unsigned integer for the loop variables. While int theoretically
might exploit undefined behavior of signed overflow, we should instead
use unsigned at places where it's appropriate (for example, those
variables are compared against G_N_ELEMENTS() which gives a size_t type.
- declare auto variables on separate lines.
- make the global variable oc_property_args static and const. The const
means the linker will put it into read-only memory, so we would get
a crash on accidental modification.
| -rw-r--r-- | src/libnmc-base/nm-vpn-helpers.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/src/libnmc-base/nm-vpn-helpers.c b/src/libnmc-base/nm-vpn-helpers.c index 10e2e0e696..51e15cda4b 100644 --- a/src/libnmc-base/nm-vpn-helpers.c +++ b/src/libnmc-base/nm-vpn-helpers.c @@ -213,7 +213,7 @@ _extract_variable_value(char *line, const char *tag, char **value) #define NM_OPENCONNECT_KEY_MCAKEY "mcakey" #define NM_OPENCONNECT_KEY_MCA_PASS "mca_key_pass" -struct { +static const struct { const char *property; const char *cmdline; } oc_property_args[] = { @@ -230,9 +230,6 @@ struct { {NM_OPENCONNECT_KEY_MCA_PASS, "--mca-key-password"}, }; -#define NR_OC_STRING_PROPS (sizeof(oc_property_args) / sizeof(oc_property_args[0])) -#define OC_ARGS_MAX (12 + 2 * NR_OC_STRING_PROPS) - /* * For old versions of openconnect we need to extract the port# and * append it to the hostname that is returned to us. Use a cut-down @@ -296,10 +293,11 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets, "/usr/local/bin/", NULL, }; - int port = 0; + const char *oc_argv[(12 + 2 * G_N_ELEMENTS(oc_property_args))]; const char *gw; - const char *oc_argv[OC_ARGS_MAX]; - int i, oc_argc = 0; + int port; + guint oc_argc = 0; + guint i; /* Get gateway and port */ gw = nm_setting_vpn_get_data_item(s_vpn, "gateway"); @@ -327,7 +325,7 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets, oc_argv[oc_argc++] = "--authenticate"; oc_argv[oc_argc++] = gw; - for (i = 0; i < NR_OC_STRING_PROPS; i++) { + for (i = 0; i < G_N_ELEMENTS(oc_property_args); i++) { opt = nm_setting_vpn_get_data_item(s_vpn, oc_property_args[i].property); if (opt) { oc_argv[oc_argc++] = oc_property_args[i].cmdline; @@ -371,7 +369,8 @@ nm_vpn_openconnect_authenticate_helper(NMSettingVpn *s_vpn, GPtrArray *secrets, } oc_argv[oc_argc++] = NULL; - g_return_val_if_fail(oc_argc <= OC_ARGS_MAX, FALSE); + + nm_assert(oc_argc <= G_N_ELEMENTS(oc_argv)); if (!g_spawn_sync(NULL, (char **) oc_argv, |