svn commit: r282685 - head/usr.sbin/pw
Baptiste Daroussin
bapt at FreeBSD.org
Sat May 9 23:03:55 UTC 2015
On Sat, May 09, 2015 at 03:54:09PM -0700, Garrett Cooper wrote:
>
> > On May 9, 2015, at 12:12, Baptiste Daroussin <bapt at FreeBSD.org> wrote:
> >
> > Author: bapt
> > Date: Sat May 9 19:12:16 2015
> > New Revision: 282685
> > URL: https://svnweb.freebsd.org/changeset/base/282685
> >
> > Log:
> > Replace malloc(3) + strcpy(3) + strcat(3) by asprintf(3)
> >
> > Modified:
> > head/usr.sbin/pw/pw_user.c
> >
> > Modified: head/usr.sbin/pw/pw_user.c
> > ==============================================================================
> > --- head/usr.sbin/pw/pw_user.c Sat May 9 19:11:01 2015 (r282684)
> > +++ head/usr.sbin/pw/pw_user.c Sat May 9 19:12:16 2015 (r282685)
> > @@ -363,11 +363,9 @@ pw_user(struct userconf * cnf, int mode,
> > if (mode == M_LOCK) {
> > if (strncmp(pwd->pw_passwd, locked_str, sizeof(locked_str)-1) == 0)
> > errx(EX_DATAERR, "user '%s' is already locked", pwd->pw_name);
> > - passtmp = malloc(strlen(pwd->pw_passwd) + sizeof(locked_str));
> > + asprintf(&passtmp, "%s%s", locked_str, pwd->pw_passwd);
> > if (passtmp == NULL) /* disaster */
> > errx(EX_UNAVAILABLE, "out of memory");
> > - strcpy(passtmp, locked_str);
> > - strcat(passtmp, pwd->pw_passwd);
> > pwd->pw_passwd = passtmp;
> > edited = 1;
> > } else if (mode == M_UNLOCK) {
>
> Please check the return values from asprintf..
As said in the manpage:
If sufficient space cannot be allocated, asprintf()
and vasprintf() will return -1 and set ret to be a NULL pointer.
hence:
if (passtmp == NULL) /* disaster */
errx(EX_UNAVAILABLE, "out of memory");
is checking properly asprintf return.
Am I missing something?
Best regards,
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20150510/e2a9d233/attachment.sig>
More information about the svn-src-all
mailing list