diff --git a/src/basic/escape.c b/src/basic/escape.c index 00ab4ab73f..6095ac43b5 100644 --- a/src/basic/escape.c +++ b/src/basic/escape.c @@ -288,7 +288,7 @@ int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit, return r; } -int cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret) { +ssize_t cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret) { _cleanup_free_ char *ans = NULL; char *t; const char *f; diff --git a/src/basic/escape.h b/src/basic/escape.h index 907b572bd4..98e61789c4 100644 --- a/src/basic/escape.h +++ b/src/basic/escape.h @@ -45,14 +45,15 @@ char* cescape(const char *s); char* cescape_length(const char *s, size_t n); int cescape_char(char c, char *buf); -int cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret); -static inline int cunescape_length(const char *s, size_t length, UnescapeFlags flags, char **ret) { +int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit, bool accept_nul); + +ssize_t cunescape_length_with_prefix(const char *s, size_t length, const char *prefix, UnescapeFlags flags, char **ret); +static inline ssize_t cunescape_length(const char *s, size_t length, UnescapeFlags flags, char **ret) { return cunescape_length_with_prefix(s, length, NULL, flags, ret); } -static inline int cunescape(const char *s, UnescapeFlags flags, char **ret) { +static inline ssize_t cunescape(const char *s, UnescapeFlags flags, char **ret) { return cunescape_length(s, strlen(s), flags, ret); } -int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit, bool accept_nul); typedef enum XEscapeFlags { XESCAPE_8_BIT = 1 << 0, diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index c72f5c22da..a3ac73f823 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -1010,8 +1010,6 @@ int config_parse_exec_input_text( _cleanup_free_ char *unescaped = NULL, *resolved = NULL; ExecContext *c = data; const Unit *u = userdata; - size_t sz; - void *p; int r; assert(data); @@ -1026,9 +1024,9 @@ int config_parse_exec_input_text( return 0; } - r = cunescape(rvalue, 0, &unescaped); - if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, + ssize_t l = cunescape(rvalue, 0, &unescaped); + if (l < 0) { + log_syntax(unit, LOG_WARNING, filename, line, l, "Failed to decode C escaped text '%s', ignoring: %m", rvalue); return 0; } @@ -1040,7 +1038,7 @@ int config_parse_exec_input_text( return 0; } - sz = strlen(resolved); + size_t sz = strlen(resolved); if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */ c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) { log_syntax(unit, LOG_WARNING, filename, line, 0, @@ -1049,7 +1047,7 @@ int config_parse_exec_input_text( return 0; } - p = realloc(c->stdin_data, c->stdin_data_size + sz + 1); + void *p = realloc(c->stdin_data, c->stdin_data_size + sz + 1); if (!p) return log_oom(); @@ -4516,7 +4514,7 @@ int config_parse_set_credential( } } else { char *unescaped = NULL; - int l; + ssize_t l; /* We support escape codes here, so that users can insert trailing \n if they like */ l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped); diff --git a/src/core/path.c b/src/core/path.c index e098e83a31..87930f637f 100644 --- a/src/core/path.c +++ b/src/core/path.c @@ -674,13 +674,14 @@ static int path_deserialize_item(Unit *u, const char *key, const char *value, FD p->result = f; } else if (streq(key, "path-spec")) { - int previous_exists, skip = 0, r; + int previous_exists, skip = 0; _cleanup_free_ char *type_str = NULL; if (sscanf(value, "%ms %i %n", &type_str, &previous_exists, &skip) < 2) log_unit_debug(u, "Failed to parse path-spec value: %s", value); else { _cleanup_free_ char *unescaped = NULL; + ssize_t l; PathType type; PathSpec *s; @@ -690,9 +691,9 @@ static int path_deserialize_item(Unit *u, const char *key, const char *value, FD return 0; } - r = cunescape(value+skip, 0, &unescaped); - if (r < 0) { - log_unit_warning_errno(u, r, "Failed to unescape serialize path: %m"); + l = cunescape(value+skip, 0, &unescaped); + if (l < 0) { + log_unit_warning_errno(u, l, "Failed to unescape serialize path: %m"); return 0; } diff --git a/src/core/service.c b/src/core/service.c index cb0a528f0d..34aac18dd8 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -2890,10 +2890,11 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value, log_unit_error_errno(u, r, "Unable to deserialize current bus owner %s: %m", value); } else if (streq(key, "status-text")) { char *t; + ssize_t l; - r = cunescape(value, 0, &t); - if (r < 0) - log_unit_debug_errno(u, r, "Failed to unescape status text '%s': %m", value); + l = cunescape(value, 0, &t); + if (l < 0) + log_unit_debug_errno(u, l, "Failed to unescape status text '%s': %m", value); else free_and_replace(s->status_text, t); diff --git a/src/core/swap.c b/src/core/swap.c index 3843b19500..fabee3c1f3 100644 --- a/src/core/swap.c +++ b/src/core/swap.c @@ -1202,8 +1202,9 @@ static int swap_load_proc_swaps(Manager *m, bool set_flags) { continue; } - if (cunescape(dev, UNESCAPE_RELAX, &d) < 0) - return log_oom(); + ssize_t l = cunescape(dev, UNESCAPE_RELAX, &d); + if (l < 0) + return log_error_errno(l, "Failed to unescape device path: %m"); device_found_node(m, d, DEVICE_FOUND_SWAP, DEVICE_FOUND_SWAP); diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 0fa41b8360..8243ea108f 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -453,7 +453,6 @@ static char* disk_description(const char *path) { _cleanup_(sd_device_unrefp) sd_device *device = NULL; const char *i, *name; struct stat st; - int r; assert(path); @@ -468,14 +467,15 @@ static char* disk_description(const char *path) { if (sd_device_get_property_value(device, "ID_PART_ENTRY_NAME", &name) >= 0) { _cleanup_free_ char *unescaped = NULL; + ssize_t l; /* ID_PART_ENTRY_NAME uses \x style escaping, using libblkid's blkid_encode_string(). Let's * reverse this here to make the string more human friendly in case people embed spaces or * other weird stuff. */ - r = cunescape(name, UNESCAPE_RELAX, &unescaped); - if (r < 0) { - log_debug_errno(r, "Failed to unescape ID_PART_ENTRY_NAME, skipping device: %m"); + l = cunescape(name, UNESCAPE_RELAX, &unescaped); + if (l < 0) { + log_debug_errno(l, "Failed to unescape ID_PART_ENTRY_NAME, skipping device: %m"); return NULL; } diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 75c5c7493e..cb77454e0f 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -34,10 +34,6 @@ int pull_find_old_etags( const char *suffix, char ***etags) { - _cleanup_free_ char *escaped_url = NULL; - _cleanup_closedir_ DIR *d = NULL; - _cleanup_strv_free_ char **l = NULL; - struct dirent *de; int r; assert(url); @@ -46,11 +42,11 @@ int pull_find_old_etags( if (!image_root) image_root = "/var/lib/machines"; - escaped_url = xescape(url, FILENAME_ESCAPE); + _cleanup_free_ char *escaped_url = xescape(url, FILENAME_ESCAPE); if (!escaped_url) return -ENOMEM; - d = opendir(image_root); + _cleanup_closedir_ DIR *d = opendir(image_root); if (!d) { if (errno == ENOENT) { *etags = NULL; @@ -60,6 +56,9 @@ int pull_find_old_etags( return -errno; } + _cleanup_strv_free_ char **ans = NULL; + struct dirent *de; + FOREACH_DIRENT_ALL(de, d, return -errno) { _cleanup_free_ char *u = NULL; const char *a, *b; @@ -93,19 +92,21 @@ int pull_find_old_etags( if (a >= b) continue; - r = cunescape_length(a, b - a, 0, &u); - if (r < 0) - return r; + ssize_t l = cunescape_length(a, b - a, 0, &u); + if (l < 0) { + assert(l >= INT8_MIN); + return l; + } if (!http_etag_is_valid(u)) continue; - r = strv_consume(&l, TAKE_PTR(u)); + r = strv_consume(&ans, TAKE_PTR(u)); if (r < 0) return r; } - *etags = TAKE_PTR(l); + *etags = TAKE_PTR(ans); return 0; } diff --git a/src/libsystemd/sd-login/sd-login.c b/src/libsystemd/sd-login/sd-login.c index f6fff204f6..3adf1cef5c 100644 --- a/src/libsystemd/sd-login/sd-login.c +++ b/src/libsystemd/sd-login/sd-login.c @@ -585,8 +585,8 @@ _public_ int sd_session_get_class(const char *session, char **class) { _public_ int sd_session_get_desktop(const char *session, char **desktop) { _cleanup_free_ char *escaped = NULL; - char *t; int r; + ssize_t l; assert_return(desktop, -EINVAL); @@ -594,11 +594,9 @@ _public_ int sd_session_get_desktop(const char *session, char **desktop) { if (r < 0) return r; - r = cunescape(escaped, 0, &t); - if (r < 0) - return r; - - *desktop = t; + l = cunescape(escaped, 0, desktop); + if (l < 0) + return l; return 0; } diff --git a/src/login/logind-inhibit.c b/src/login/logind-inhibit.c index 57198ce652..f8048f6d23 100644 --- a/src/login/logind-inhibit.c +++ b/src/login/logind-inhibit.c @@ -209,18 +209,11 @@ void inhibitor_stop(Inhibitor *i) { } int inhibitor_load(Inhibitor *i) { - - _cleanup_free_ char - *what = NULL, - *uid = NULL, - *pid = NULL, - *who = NULL, - *why = NULL, - *mode = NULL; - + _cleanup_free_ char *what = NULL, *uid = NULL, *pid = NULL, *who = NULL, *why = NULL, *mode = NULL; InhibitWhat w; InhibitMode mm; char *cc; + ssize_t l; int r; r = parse_env_file(NULL, i->state_file, @@ -255,17 +248,17 @@ int inhibitor_load(Inhibitor *i) { } if (who) { - r = cunescape(who, 0, &cc); - if (r < 0) - return log_oom(); + l = cunescape(who, 0, &cc); + if (l < 0) + return log_debug_errno(l, "Failed to unescape \"who\" of inhibitor: %m"); free_and_replace(i->who, cc); } if (why) { - r = cunescape(why, 0, &cc); - if (r < 0) - return log_oom(); + l = cunescape(why, 0, &cc); + if (l < 0) + return log_debug_errno(l, "Failed to unescape \"why\" of inhibitor: %m"); free_and_replace(i->why, cc); } diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c index f80adcdbcf..1ba21fc9de 100644 --- a/src/network/networkd-dhcp4.c +++ b/src/network/networkd-dhcp4.c @@ -1735,7 +1735,7 @@ int config_parse_dhcp_mud_url( _cleanup_free_ char *unescaped = NULL; Network *network = data; - int r; + ssize_t l; assert(filename); assert(lvalue); @@ -1746,9 +1746,9 @@ int config_parse_dhcp_mud_url( return 0; } - r = cunescape(rvalue, 0, &unescaped); - if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, + l = cunescape(rvalue, 0, &unescaped); + if (l < 0) { + log_syntax(unit, LOG_WARNING, filename, line, l, "Failed to Failed to unescape MUD URL, ignoring: %s", rvalue); return 0; } diff --git a/src/network/networkd-dhcp6.c b/src/network/networkd-dhcp6.c index 2b72b618fc..4506932a58 100644 --- a/src/network/networkd-dhcp6.c +++ b/src/network/networkd-dhcp6.c @@ -1814,7 +1814,7 @@ int config_parse_dhcp6_mud_url( _cleanup_free_ char *unescaped = NULL; Network *network = data; - int r; + ssize_t l; assert(filename); assert(lvalue); @@ -1825,9 +1825,9 @@ int config_parse_dhcp6_mud_url( return 0; } - r = cunescape(rvalue, 0, &unescaped); - if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, + l = cunescape(rvalue, 0, &unescaped); + if (l < 0) { + log_syntax(unit, LOG_WARNING, filename, line, l, "Failed to Failed to unescape MUD URL, ignoring: %s", rvalue); return 0; } diff --git a/src/network/networkd-lldp-tx.c b/src/network/networkd-lldp-tx.c index 45a087b301..c2d269156e 100644 --- a/src/network/networkd-lldp-tx.c +++ b/src/network/networkd-lldp-tx.c @@ -430,15 +430,15 @@ int config_parse_lldp_mud( _cleanup_free_ char *unescaped = NULL; Network *n = data; - int r; + ssize_t l; assert(filename); assert(lvalue); assert(rvalue); - r = cunescape(rvalue, 0, &unescaped); - if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, + l = cunescape(rvalue, 0, &unescaped); + if (l < 0) { + log_syntax(unit, LOG_WARNING, filename, line, l, "Failed to Failed to unescape LLDP MUD URL, ignoring: %s", rvalue); return 0; } diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 04685fecba..aea4eb7b0b 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1565,7 +1565,7 @@ static int parse_argv(int argc, char *argv[]) { const char *p = optarg; Credential *a; size_t i; - int l; + ssize_t l; r = extract_first_word(&p, &word, ":", EXTRACT_DONT_COALESCE_SEPARATORS); if (r == -ENOMEM) diff --git a/src/shared/bpf-program.c b/src/shared/bpf-program.c index 0f865a7168..4575bb4e2f 100644 --- a/src/shared/bpf-program.c +++ b/src/shared/bpf-program.c @@ -426,6 +426,7 @@ int bpf_program_deserialize_attachment(const char *v, FDSet *fds, BPFProgram **b _cleanup_free_ char *sfd = NULL, *sat = NULL, *unescaped = NULL; _cleanup_(bpf_program_unrefp) BPFProgram *p = NULL; _cleanup_close_ int fd = -1; + ssize_t l; int ifd, at, r; assert(v); @@ -456,9 +457,9 @@ int bpf_program_deserialize_attachment(const char *v, FDSet *fds, BPFProgram **b return at; /* The rest is the path */ - r = cunescape(v, 0, &unescaped); - if (r < 0) - return r; + l = cunescape(v, 0, &unescaped); + if (l < 0) + return l; fd = fdset_remove(fds, ifd); if (fd < 0) diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c index a97ffbcea4..1ff1e7600d 100644 --- a/src/shared/bus-unit-util.c +++ b/src/shared/bus-unit-util.c @@ -1096,7 +1096,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con r = sd_bus_message_append_array(m, 'y', decoded, decoded_size); } else { _cleanup_free_ char *unescaped = NULL; - int l; + ssize_t l; l = cunescape(p, UNESCAPE_ACCEPT_NUL, &unescaped); if (l < 0) @@ -1233,18 +1233,19 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con if (streq(field, "StandardInputText")) { _cleanup_free_ char *unescaped = NULL; + ssize_t l; - r = cunescape(eq, 0, &unescaped); - if (r < 0) - return log_error_errno(r, "Failed to unescape text '%s': %m", eq); + l = cunescape(eq, 0, &unescaped); + if (l < 0) + return log_error_errno(l, "Failed to unescape text '%s': %m", eq); if (!strextend(&unescaped, "\n")) return log_oom(); - /* Note that we don't expand specifiers here, but that should be OK, as this is a programmatic - * interface anyway */ + /* Note that we don't expand specifiers here, but that should be OK, as this is a + * programmatic interface anyway */ - return bus_append_byte_array(m, field, unescaped, strlen(unescaped)); + return bus_append_byte_array(m, field, unescaped, l + 1); } if (streq(field, "StandardInputData")) { diff --git a/src/shared/devnode-acl.c b/src/shared/devnode-acl.c index 07e29e1019..9ea89ee920 100644 --- a/src/shared/devnode-acl.c +++ b/src/shared/devnode-acl.c @@ -220,9 +220,11 @@ int devnode_acl_all(const char *seat, if (dir) { FOREACH_DIRENT(dent, dir, return -errno) { _cleanup_free_ char *unescaped_devname = NULL; + ssize_t l; - if (cunescape(dent->d_name, UNESCAPE_RELAX, &unescaped_devname) < 0) - return -ENOMEM; + l = cunescape(dent->d_name, UNESCAPE_RELAX, &unescaped_devname); + if (l < 0) + return l; n = path_join("/dev", unescaped_devname); if (!n) diff --git a/src/shared/serialize.c b/src/shared/serialize.c index 23aac3ef52..47996b9ead 100644 --- a/src/shared/serialize.c +++ b/src/shared/serialize.c @@ -176,6 +176,7 @@ int deserialize_dual_timestamp(const char *value, dual_timestamp *t) { int deserialize_environment(const char *value, char ***list) { _cleanup_free_ char *unescaped = NULL; + ssize_t l; int r; assert(value); @@ -183,9 +184,9 @@ int deserialize_environment(const char *value, char ***list) { /* Changes the *environment strv inline. */ - r = cunescape(value, 0, &unescaped); - if (r < 0) - return log_error_errno(r, "Failed to unescape: %m"); + l = cunescape(value, 0, &unescaped); + if (l < 0) + return log_error_errno(l, "Failed to unescape: %m"); r = strv_env_replace_consume(list, TAKE_PTR(unescaped)); if (r < 0) diff --git a/src/shared/udev-util.c b/src/shared/udev-util.c index f934fc157e..27dfd11a6a 100644 --- a/src/shared/udev-util.c +++ b/src/shared/udev-util.c @@ -351,7 +351,6 @@ void log_device_uevent(sd_device *device, const char *str) { int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) { char *i, *j; - int r; bool is_escaped; /* value must be double quotated */ @@ -373,6 +372,7 @@ int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) { j[0] = '\0'; } else { _cleanup_free_ char *unescaped = NULL; + ssize_t l; /* find the end position of value */ for (i = str; *i != '"'; i++) { @@ -383,11 +383,12 @@ int udev_rule_parse_value(char *str, char **ret_value, char **ret_endpos) { } i[0] = '\0'; - r = cunescape_length(str, i - str, 0, &unescaped); - if (r < 0) - return r; - assert(r <= i - str); - memcpy(str, unescaped, r + 1); + l = cunescape_length(str, i - str, 0, &unescaped); + if (l < 0) + return l; + + assert(l <= i - str); + memcpy(str, unescaped, l + 1); } *ret_value = str; diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index b32b709ef5..b89555d8e0 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -2775,8 +2775,6 @@ static bool should_include_path(const char *path) { } static int specifier_expansion_from_arg(Item *i) { - _cleanup_free_ char *unescaped = NULL, *resolved = NULL; - char **xattr; int r; assert(i); @@ -2789,33 +2787,37 @@ static int specifier_expansion_from_arg(Item *i) { case CREATE_SYMLINK: case CREATE_FILE: case TRUNCATE_FILE: - case WRITE_FILE: - r = cunescape(i->argument, 0, &unescaped); - if (r < 0) - return log_error_errno(r, "Failed to unescape parameter to write: %s", i->argument); + case WRITE_FILE: { + _cleanup_free_ char *unescaped = NULL, *resolved = NULL; + ssize_t l; + + l = cunescape(i->argument, 0, &unescaped); + if (l < 0) + return log_error_errno(l, "Failed to unescape parameter to write: %s", i->argument); r = specifier_printf(unescaped, PATH_MAX-1, specifier_table, arg_root, NULL, &resolved); if (r < 0) return r; - free_and_replace(i->argument, resolved); - break; - + return free_and_replace(i->argument, resolved); + } case SET_XATTR: - case RECURSIVE_SET_XATTR: + case RECURSIVE_SET_XATTR: { + char **xattr; STRV_FOREACH(xattr, i->xattrs) { + _cleanup_free_ char *resolved = NULL; + r = specifier_printf(*xattr, SIZE_MAX, specifier_table, arg_root, NULL, &resolved); if (r < 0) return r; free_and_replace(*xattr, resolved); } - break; - - default: - break; + return 0; + } + default: + return 0; } - return 0; } static int patch_var_run(const char *fname, unsigned line, char **path) { diff --git a/src/xdg-autostart-generator/xdg-autostart-service.c b/src/xdg-autostart-generator/xdg-autostart-service.c index fe73bfe9db..d6e90302fd 100644 --- a/src/xdg-autostart-generator/xdg-autostart-service.c +++ b/src/xdg-autostart-generator/xdg-autostart-service.c @@ -397,10 +397,11 @@ int xdg_autostart_format_exec_start( first_arg = true; for (i = n = 0; exec_split[i]; i++) { _cleanup_free_ char *c = NULL, *raw = NULL, *p = NULL, *escaped = NULL, *quoted = NULL; + ssize_t l; - r = cunescape(exec_split[i], 0, &c); - if (r < 0) - return log_debug_errno(r, "Failed to unescape '%s': %m", exec_split[i]); + l = cunescape(exec_split[i], 0, &c); + if (l < 0) + return log_debug_errno(l, "Failed to unescape '%s': %m", exec_split[i]); if (first_arg) { _cleanup_free_ char *executable = NULL;