From 2f82562bad423d1190912a4b209647dfac966db2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 13 Oct 2021 12:38:37 +0200
Subject: alloc-util: add strdupa_safe() + strndupa_safe() and use it
 everywhere

Let's define two helpers strdupa_safe() + strndupa_safe() which do the
same as their non-safe counterparts, except that they abort if called
with allocations larger than ALLOCA_MAX.

This should ensure that all our alloca() based allocations are subject
to this limit.

afaics glibc offers three alloca() based APIs: alloca() itself,
strndupa() + strdupa(). With this we have now replacements for all of
them, that take the limit into account.
---
 coccinelle/strdupa.cocci | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 coccinelle/strdupa.cocci

(limited to 'coccinelle')

diff --git a/coccinelle/strdupa.cocci b/coccinelle/strdupa.cocci
new file mode 100644
index 0000000000..665736e5c8
--- /dev/null
+++ b/coccinelle/strdupa.cocci
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+@@
+expression x;
+@@
+- strdupa(x)
++ strdupa_safe(x)
+@@
+expression x, n;
+@@
+- strndupa(x, n)
++ strndupa_safe(x, n)
-- 
cgit v1.2.1