diff options
author | Lennart Poettering <lennart@poettering.net> | 2021-10-13 12:38:37 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-10-14 15:57:52 +0200 |
commit | 2f82562bad423d1190912a4b209647dfac966db2 (patch) | |
tree | 766d61a085ee9674d8034351a83f64bcdf5d45bb /src/libsystemd/sd-bus/sd-bus.c | |
parent | 5222651ecc6f46391e5e0d9cf19793bfe65b0ec8 (diff) | |
download | systemd-2f82562bad423d1190912a4b209647dfac966db2.tar.gz |
alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere
Let's define two helpers strdupa_safe() + strndupa_safe() which do the
same as their non-safe counterparts, except that they abort if called
with allocations larger than ALLOCA_MAX.
This should ensure that all our alloca() based allocations are subject
to this limit.
afaics glibc offers three alloca() based APIs: alloca() itself,
strndupa() + strdupa(). With this we have now replacements for all of
them, that take the limit into account.
Diffstat (limited to 'src/libsystemd/sd-bus/sd-bus.c')
-rw-r--r-- | src/libsystemd/sd-bus/sd-bus.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index d8a7c81764..96d5b9605e 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -1407,7 +1407,7 @@ int bus_set_address_system_remote(sd_bus *b, const char *host) { rbracket = strchr(host, ']'); if (!rbracket) return -EINVAL; - t = strndupa(host + 1, rbracket - host - 1); + t = strndupa_safe(host + 1, rbracket - host - 1); e = bus_address_escape(t); if (!e) return -ENOMEM; @@ -1440,7 +1440,7 @@ int bus_set_address_system_remote(sd_bus *b, const char *host) { t = strchr(p, '/'); if (t) { - p = strndupa(p, t - p); + p = strndupa_safe(p, t - p); got_forward_slash = true; } @@ -1467,7 +1467,7 @@ interpret_port_as_machine_old_syntax: if (!e) { char *t; - t = strndupa(host, strcspn(host, ":/")); + t = strndupa_safe(host, strcspn(host, ":/")); e = bus_address_escape(t); if (!e) |