mirror of
https://github.com/systemd/systemd.git
synced 2024-10-30 14:55:37 +03:00
tree-wide: use memmem_safe()
Let's be paranoid and do something useful if we operate with empty haystack/needle. This doesn't actually fix anything, as the places as far as I can see check for non-emptyness already beforehand, but I will sleep safer at night, if we don't even allow the trap to be fallen in, ever, even if the code is changed sooner or later.
This commit is contained in:
parent
d8782cc5c2
commit
e8b08edcdf
@ -163,7 +163,7 @@ static int get_file_version(int fd, char **v) {
|
||||
if (!s)
|
||||
goto finish;
|
||||
|
||||
e = memmem(s, st.st_size - (s - buf), " ####", 5);
|
||||
e = memmem_safe(s, st.st_size - (s - buf), " ####", 5);
|
||||
if (!e || e - s < 3) {
|
||||
r = log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Malformed version string.");
|
||||
goto finish;
|
||||
|
@ -10,6 +10,7 @@
|
||||
#include "escape.h"
|
||||
#include "fd-util.h"
|
||||
#include "io-util.h"
|
||||
#include "memory-util.h"
|
||||
#include "path-util.h"
|
||||
#include "process-util.h"
|
||||
#include "pull-common.h"
|
||||
@ -342,18 +343,18 @@ static int verify_one(PullJob *checksum_job, PullJob *job) {
|
||||
|
||||
line = strjoina(job->checksum, " *", fn, "\n");
|
||||
|
||||
p = memmem(checksum_job->payload,
|
||||
checksum_job->payload_size,
|
||||
line,
|
||||
strlen(line));
|
||||
p = memmem_safe(checksum_job->payload,
|
||||
checksum_job->payload_size,
|
||||
line,
|
||||
strlen(line));
|
||||
|
||||
if (!p) {
|
||||
line = strjoina(job->checksum, " ", fn, "\n");
|
||||
|
||||
p = memmem(checksum_job->payload,
|
||||
checksum_job->payload_size,
|
||||
line,
|
||||
strlen(line));
|
||||
p = memmem_safe(checksum_job->payload,
|
||||
checksum_job->payload_size,
|
||||
line,
|
||||
strlen(line));
|
||||
}
|
||||
|
||||
if (!p || (p != (char*) checksum_job->payload && p[-1] != '\n'))
|
||||
|
@ -173,12 +173,12 @@ static int bus_socket_auth_verify_client(sd_bus *b) {
|
||||
if (!d)
|
||||
return 0;
|
||||
|
||||
e = memmem(d + 2, b->rbuffer_size - (d - (char*) b->rbuffer) - 2, "\r\n", 2);
|
||||
e = memmem_safe(d + 2, b->rbuffer_size - (d - (char*) b->rbuffer) - 2, "\r\n", 2);
|
||||
if (!e)
|
||||
return 0;
|
||||
|
||||
if (b->accept_fd) {
|
||||
f = memmem(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
|
||||
f = memmem_safe(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
|
||||
if (!f)
|
||||
return 0;
|
||||
|
||||
@ -399,7 +399,7 @@ static int bus_socket_auth_verify_server(sd_bus *b) {
|
||||
for (;;) {
|
||||
/* Check if line is complete */
|
||||
line = (char*) b->rbuffer + b->auth_rbegin;
|
||||
e = memmem(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
|
||||
e = memmem_safe(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
|
||||
if (!e)
|
||||
return processed;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user