> strdup? Thanks, I will check this too.
I went through all the asprintf calls in the list. These are the ones that actually need to be fixed. Everything else is properly checked. drivers/net/telnet.c 698: ret = asprintf(&devpath, TELNET_DEVFMT, priv->td_minor); libs/libc/uuid/lib_uuid_to_string.c 66: c = asprintf(s, libs/libc/stdio/lib_tempnam.c 78: asprintf(&template, "%s/%s-XXXXXX", dir, pfx); tools/kconfig2html.c 2295: asprintf(&dirpath, "%s/%s%s%s", 2300: asprintf(&dirpath, "%s/%s", g_kconfigroot, subdir); 2435: asprintf(&kconfigpath, "%s/%s", kconfigdir, kconfigname); tools/gencromfs.c 1114: ret = asprintf(&path, "%s/%s", dirpath, name); 1144: ret = asprintf(&path, "%s/%s", dirpath, name); fs/vfs/fs_dir.c 603: asprintf(&dir->fd_path, "%s%s/", path_prefix, relpath); fs/vfs/fs_rename.c 131: asprintf(&subdir, "%s/%s", newpath, subdirname); 372: asprintf(&subdir, "%s/%s", newrelpath, fs/inode/fs_inodesearch.c 356: asprintf(&buffer, 484: asprintf(&desc->buffer, "%s/%s", _inode_getcwd(), desc->path); Specifically the telnet.c one, does check the return code, but it proceeds nevertheless instead of aborting. The function ends up doing half of the job it was supposed to do. Is this OK here? Specifically the call in lib_uuid_to_string, indeed checks the result. But I cannot understand what needs to be done to `s`. What does the standard specify? Shall we set it to NULL in case of error? Or is it undefined? On Wed, Mar 29, 2023 at 4:12 PM Gregory Nutt <spudan...@gmail.com> wrote: > > > I can do that. Apart from asprintf() and vasprintf(), is anyone aware of > > any other similarly suspicious functions to check? > > strdup? > > >