alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere

Let's define two helpers strdupa_safe() + strndupa_safe() which do the same as their non-safe counterparts, except that they abort if called with allocations larger than ALLOCA_MAX. This should ensure that all our alloca() based allocations are subject to this limit. afaics glibc offers three alloca() based APIs: alloca() itself, strndupa() + strdupa(). With this we have now replacements for all of them, that take the limit into account.
author: Lennart Poettering <lennart@poettering.net> 2021-10-13 12:38:37 +0200
committer: Lennart Poettering <lennart@poettering.net> 2021-10-14 15:57:52 +0200
commit: 2f82562bad423d1190912a4b209647dfac966db2 (patch)
tree: 766d61a085ee9674d8034351a83f64bcdf5d45bb /src/journal/journalctl.c
parent: 5222651ecc6f46391e5e0d9cf19793bfe65b0ec8 (diff)
download: systemd-2f82562bad423d1190912a4b209647dfac966db2.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index daa7c7e45e..21e76a5899 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -280,7 +280,7 @@ static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset
         } else if (strlen(x) >= SD_ID128_STRING_MAX - 1) {
                 char *t;
 
-                t = strndupa(x, SD_ID128_STRING_MAX - 1);
+                t = strndupa_safe(x, SD_ID128_STRING_MAX - 1);
                 r = sd_id128_from_string(t, &id);
                 if (r >= 0)
                         x += SD_ID128_STRING_MAX - 1;
author	Lennart Poettering <lennart@poettering.net>	2021-10-13 12:38:37 +0200
committer	Lennart Poettering <lennart@poettering.net>	2021-10-14 15:57:52 +0200
commit	2f82562bad423d1190912a4b209647dfac966db2 (patch)
tree	766d61a085ee9674d8034351a83f64bcdf5d45bb /src/journal/journalctl.c
parent	5222651ecc6f46391e5e0d9cf19793bfe65b0ec8 (diff)
download	systemd-2f82562bad423d1190912a4b209647dfac966db2.tar.gz