diff options
author | tb <> | 2020-09-24 19:29:09 +0000 |
---|---|---|
committer | tb <> | 2020-09-24 19:29:09 +0000 |
commit | 601e8c398115dd6a33daa6e87d334dc0624b0b6e (patch) | |
tree | 83099f355e9ebf9fa764f4ff2037fb540437baf8 /src/lib/libc/string/strerror_r.c | |
parent | 28f9589656367e65d19640878dfcca8e6601c20e (diff) | |
download | openbsd-601e8c398115dd6a33daa6e87d334dc0624b0b6e.tar.gz openbsd-601e8c398115dd6a33daa6e87d334dc0624b0b6e.tar.bz2 openbsd-601e8c398115dd6a33daa6e87d334dc0624b0b6e.zip |
Fix a number of leaks in the UI_dup_* functions
If any of general_allocate_{prompt,string,boolean}() fail, the
UI_dup_* functions may leak the strings they strduped beforehand.
Instead, use strdup inside these functions, so we can free as
necessary. This makes the UI_add_* and UI_dup_* simple wrappers
around general_allocate_{string,boolean}() that differ only in
passing a Boolean that indicates whether or not to use strdup.
Make a general cleanup pass over these functions, simplify the
logic and make it overall a bit easier to follow. While there,
use strcspn() instead of a handrolled variant.
The only changes in behavior are that ERR_R_MALLOC_FAILURE is now
pushed onto the stack a bit more often and that UI_dup_input_string()
now returns -1 on failure to dup prompt like all the other UI_dup_*
functions. This is not a problem since the manual already documents
that errors are signaled with <= 0. The only consumer of this function
according to Debian's codesearch is libp11, I sent them a PR to fix
their (already broken) error handling.
Addresses about 10 errors thrown by the LLVM static analyzer in ui/.
ok jsing
Diffstat (limited to 'src/lib/libc/string/strerror_r.c')
0 files changed, 0 insertions, 0 deletions