util: overflow hardening

2012-09-20 11:08:27 +02:00 · 2012-09-20 11:08:27 +02:00 · 040f18ea8a
parent 4b8772bf5f
commit 040f18ea8a
3 changed files with 15 additions and 5 deletions
--- a/2
+++ b/2
@ -17,6 +17,8 @@ F18:

 * Retest multi-seat

+* file bugs against KDE/... to take the new key inhibitor locks
+
 Features:

 * instantiated [Install] for target units
--- a/src/shared/util.c
+++ b/src/shared/util.c
@ -1184,8 +1184,11 @@ char *strnappend(const char *s, const char *suffix, size_t b) {
        assert(suffix);

        a = strlen(s);
+        if ((size_t) -1 - a > b)
+                return NULL;

-        if (!(r = new(char, a+b+1)))
+        r = new(char, a+b+1);
+        if (!r)
                return NULL;

        memcpy(r, s, a);
@ -5014,12 +5017,17 @@ char *strjoin(const char *x, ...) {

                for (;;) {
                        const char *t;
+                        size_t n;

                        t = va_arg(ap, const char *);
                        if (!t)
                                break;

-                        l += strlen(t);
+                        n = strlen(t);
+                        if (n > ((size_t) -1) - l)
+                                return NULL;
+
+                        l += n;
                }
        } else
                l = 0;
@ -5291,7 +5299,7 @@ int signal_from_string(const char *s) {
        int offset = 0;
        unsigned u;

-        signo =__signal_from_string(s);
+        signo = __signal_from_string(s);
        if (signo > 0)
                return signo;

@ -5683,7 +5691,7 @@ void warn_melody(void) {
        if (fd < 0)
                return;

-        /* Yeah, this is synchronous. Kinda sucks. Bute well... */
+        /* Yeah, this is synchronous. Kinda sucks. But well... */

        ioctl(fd, KIOCSOUND, (int)(1193180/440));
        usleep(125*USEC_PER_MSEC);
--- a/src/shared/util.h
+++ b/src/shared/util.h
@ -551,7 +551,7 @@ _malloc_  static inline void *malloc_multiply(size_t a, size_t b) {
        return malloc(a * b);
 }

-static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
+_malloc_ static inline void *memdup_multiply(const void *p, size_t a, size_t b) {
        if (_unlikely_(a > ((size_t) -1) / b))
                return NULL;