mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

shared/calendarspec: do not allocate a big string on stack

The string can be as long as a logical line in a unit file — so not unlimited,
but quite big. Let's use a normal heap allocation when making a copy.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13125
Zbigniew Jędrzejewski-Szmek 2019-02-16 22:35:46 +01:00
parent 7321d504e6
commit ea53cfd195
2 changed files with 21 additions and 3 deletions


@ -880,6 +880,7 @@ fail:
int calendar_spec_from_string(const char *p, CalendarSpec **spec) { int calendar_spec_from_string(const char *p, CalendarSpec **spec) {
const char *utc; const char *utc;
_cleanup_(calendar_spec_freep) CalendarSpec *c = NULL; _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
_cleanup_free_ char *p_tmp = NULL;
int r; int r;
assert(p); assert(p);
@ -894,7 +895,9 @@ int calendar_spec_from_string(const char *p, CalendarSpec **spec) {
utc = endswith_no_case(p, " UTC"); utc = endswith_no_case(p, " UTC");
if (utc) { if (utc) {
c->utc = true; c->utc = true;
p = strndupa(p, utc - p); p = p_tmp = strndup(p, utc - p);
if (!p)
return -ENOMEM;
} else { } else {
const char *e = NULL; const char *e = NULL;
int j; int j;
@ -919,7 +922,10 @@ int calendar_spec_from_string(const char *p, CalendarSpec **spec) {
/* Found one of the two timezones specified? */ /* Found one of the two timezones specified? */
if (IN_SET(j, 0, 1)) { if (IN_SET(j, 0, 1)) {
p = strndupa(p, e - p - 1); p = p_tmp = strndup(p, e - p - 1);
if (!p)
return -ENOMEM;
c->dst = j; c->dst = j;
} else { } else {
const char *last_space; const char *last_space;
@ -930,7 +936,9 @@ int calendar_spec_from_string(const char *p, CalendarSpec **spec) {
if (!c->timezone) if (!c->timezone)
return -ENOMEM; return -ENOMEM;
p = strndupa(p, last_space - p); p = p_tmp = strndup(p, last_space - p);
if (!p)
return -ENOMEM;
} }
} }
} }
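Review bot: `p_tmp` is overwritten by a chained assignment at three sites (`p = p_tmp = strndup(...)` in the `utc` branch, in the `IN_SET(j, 0, 1)` branch and in its `else`), and `_cleanup_free_` frees only the value it holds at return, so this is leak-free only because the three branches are mutually exclusive. Nothing states that invariant, so I would add a comment at the declaration, e.g. `/* Owns the truncated heap copy that p is re-pointed to; set in at most one branch below */`. The length arguments (`utc - p`, `e - p - 1`, `last_space - p`) are pointer differences converted to `size_t`; any checks that keep them non-negative are outside the visible hunks and are worth confirming, since the input is unit-file text reachable by the fuzzer. The body of `calendar_spec_from_string` starts and ends outside the hunks shown.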

File diff suppressed because one or more lines are too long