On May 9, 2015, at 16:03, Baptiste Daroussin <b...@freebsd.org> wrote:
> On Sat, May 09, 2015 at 03:54:09PM -0700, Garrett Cooper wrote: >> >>> On May 9, 2015, at 12:12, Baptiste Daroussin <b...@freebsd.org> wrote: >>> >>> Author: bapt >>> Date: Sat May 9 19:12:16 2015 >>> New Revision: 282685 >>> URL: https://svnweb.freebsd.org/changeset/base/282685 >>> >>> Log: >>> Replace malloc(3) + strcpy(3) + strcat(3) by asprintf(3) >>> >>> Modified: >>> head/usr.sbin/pw/pw_user.c >>> >>> Modified: head/usr.sbin/pw/pw_user.c >>> ============================================================================== >>> --- head/usr.sbin/pw/pw_user.c Sat May 9 19:11:01 2015 (r282684) >>> +++ head/usr.sbin/pw/pw_user.c Sat May 9 19:12:16 2015 (r282685) >>> @@ -363,11 +363,9 @@ pw_user(struct userconf * cnf, int mode, >>> if (mode == M_LOCK) { >>> if (strncmp(pwd->pw_passwd, locked_str, sizeof(locked_str)-1) == >>> 0) >>> errx(EX_DATAERR, "user '%s' is already locked", pwd->pw_name); >>> - passtmp = malloc(strlen(pwd->pw_passwd) + sizeof(locked_str)); >>> + asprintf(&passtmp, "%s%s", locked_str, pwd->pw_passwd); >>> if (passtmp == NULL) /* disaster */ >>> errx(EX_UNAVAILABLE, "out of memory"); >>> - strcpy(passtmp, locked_str); >>> - strcat(passtmp, pwd->pw_passwd); >>> pwd->pw_passwd = passtmp; >>> edited = 1; >>> } else if (mode == M_UNLOCK) { >> >> Please check the return values from asprintf.. > > As said in the manpage: > > If sufficient space cannot be allocated, asprintf() > and vasprintf() will return -1 and set ret to be a NULL pointer. > > hence: > if (passtmp == NULL) /* disaster */ > errx(EX_UNAVAILABLE, "out of memory"); > > is checking properly asprintf return. > > Am I missing something? Nope. Carry on!
signature.asc
Description: Message signed with OpenPGP using GPGMail
