[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/2] Simplify string concatenation in poke.c.
|
From: |
Jose E. Marchesi |
|
Subject: |
Re: [PATCH 2/2] Simplify string concatenation in poke.c. |
|
Date: |
Mon, 06 Apr 2020 15:57:05 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
This also removes stack allocation of unchecked input strings,
which could lead to stack overflow.
This is OK for master, assumed str_concat is moved to pk-utils and
renamed.
Thanks! :)
2020-04-06 Tim Rühsen <address@hidden>
* src/poke.c (initialize): Use str_concat instead of
strlen/xmalloc/strcpy/strcat.
(initialize_user): Likewise.
---
ChangeLog | 6 ++++++
src/poke.c | 35 ++++++++++++-----------------------
2 files changed, 18 insertions(+), 23 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 92d21ae6..4323a998 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2020-04-06 Tim Rühsen <address@hidden>
+
+ * src/poke.c (initialize): Use str_concat instead of
+ strlen/xmalloc/strcpy/strcat.
+ (initialize_user): Likewise.
+
2020-04-06 Tim Rühsen <address@hidden>
* bootstrap.conf: Add gnulib module stdarg.
diff --git a/src/poke.c b/src/poke.c
index 3508f781..b67720eb 100644
--- a/src/poke.c
+++ b/src/poke.c
@@ -39,6 +39,7 @@
#include "pk-repl.h"
#include "pk-term.h"
#include "poke.h"
+#include "utils.h"
/* poke can be run either interactively (from a tty) or in batch mode.
The following predicate records this. */
@@ -396,13 +397,11 @@ initialize (int argc, char *argv[])
poke_compiler = pkl_new (poke_vm, poke_datadir);
/* XXX: use pkl_load here. */
{
- char *poke_std_pk;
+ char *poke_std_pk = str_concat (poke_datadir, "/std.pk", NULL);
- poke_std_pk = xmalloc (strlen (poke_datadir) + strlen ("/std.pk") + 1);
- strcpy (poke_std_pk, poke_datadir);
- strcat (poke_std_pk, "/std.pk");
if (!pkl_compile_file (poke_compiler, poke_std_pk))
exit (EXIT_FAILURE);
+
free (poke_std_pk);
}
@@ -432,11 +431,7 @@ initialize_user ()
if (homedir != NULL)
{
int ret;
- char *pokerc;
-
- pokerc = alloca (strlen (homedir) + strlen ("/.pokerc") + 1);
- strcpy (pokerc, homedir);
- strcat (pokerc, "/.pokerc");
+ char *pokerc = str_concat (homedir, "/.pokerc", NULL);
if (pk_file_readable (pokerc) == NULL)
{
@@ -446,6 +441,8 @@ initialize_user ()
else
return;
}
+
+ free (pokerc);
}
/* If no ~/.pokerc file was found, acknowledge the XDG Base
@@ -468,30 +465,18 @@ initialize_user ()
if (xdg_config_dirs == NULL)
xdg_config_dirs = "/etc/xdg";
- char *config_path = alloca (strlen (xdg_config_dirs)
- + 1 /* : */
- + strlen (xdg_config_home)
- + 1);
- strcpy (config_path, xdg_config_dirs);
- strcat (config_path, ":");
- strcat (config_path, xdg_config_home);
+ char *config_path = str_concat (xdg_config_dirs, ":", xdg_config_home,
NULL);
char *dir = strtok (config_path, ":");
do
{
- char *config_filename = NULL;
-
/* Ignore empty entries. */
if (*dir == '\0')
continue;
/* Mount the full path and determine whether the resulting
file is readable. */
- config_filename = alloca (strlen (dir)
- + strlen ("/poke/pokerc.conf")
- + 1);
- strcpy (config_filename, dir);
- strcat (config_filename, "/poke/pokerc.conf");
+ char *config_filename = str_concat (dir, "/poke/pokerc.conf",
NULL);
if (pk_file_readable (config_filename) == NULL)
{
@@ -501,8 +486,12 @@ initialize_user ()
exit (EXIT_FAILURE);
break;
}
+
+ free (config_filename);
}
while ((dir = strtok (NULL, ":")) != NULL);
+
+ free (config_path);
}
}
--
2.26.0