Fix invalid memory accesses reported by 'make memcheck'

author Stef Walter <stefw@gnome.org>

Wed, 20 Mar 2013 19:59:26 +0000 (20:59 +0100)

committer Stef Walter <stefw@gnome.org>

Wed, 20 Mar 2013 21:22:22 +0000 (22:22 +0100)
author Stef Walter <stefw@gnome.org>
Wed, 20 Mar 2013 19:59:26 +0000 (20:59 +0100)
committer Stef Walter <stefw@gnome.org>
Wed, 20 Mar 2013 21:22:22 +0000 (22:22 +0100)
diff --git a/common/compat.c b/common/compat.c

index 25484593c318f92b2026c8caeb30b60d56a18765..2cda460e923d02711bcab01fb25a14397792c7ee 100644 (file)
--- a/common/compat.c
+++ b/common/compat.c
@@ -459,15 +459,12 @@ strndup (const char *data,
           size_t length)
  {
         char *ret;
-       size_t len;
-
-       len = strlen (data);
-       if (length > len)
-               length = len;
  
-       ret = memdup (data, length + 1);
-       if (ret != NULL)
+       ret = malloc (length + 1);
+       if (ret != NULL) {
+               strncpy (ret, data, length);
                 ret[length] = 0;
+       }
  
         return ret;
  }
diff --git a/common/tests/test-compat.c b/common/tests/test-compat.c

index 13a7a33f39bee298bf93a66e76cab62fbddcc445..a94aaeb2306e5004a6cc9e7cbb1884689f50595c 100644 (file)
--- a/common/tests/test-compat.c
+++ b/common/tests/test-compat.c
@@ -72,6 +72,21 @@ test_basename (CuTest *tc)
         }
  }
  
+static void
+test_strndup (CuTest *tc)
+{
+       char unterminated[] = { 't', 'e', 's', 't', 'e', 'r', 'o', 'n', 'i', 'o' };
+       char *res;
+
+       res = strndup (unterminated, 6);
+       CuAssertStrEquals (tc, res, "tester");
+       free (res);
+
+       res = strndup ("test", 6);
+       CuAssertStrEquals (tc, res, "test");
+       free (res);
+}
+
  int
  main (void)
  {
@@ -80,6 +95,7 @@ main (void)
         int ret;
  
         SUITE_ADD_TEST (suite, test_basename);
+       SUITE_ADD_TEST (suite, test_strndup);
  
         CuSuiteRun (suite);
         CuSuiteSummary (suite, output);
diff --git a/common/tests/test-hash.c b/common/tests/test-hash.c

index f57988e53cfb465ca7aa5bf6d1f61ecfe454f0d2..d6d79905e0bb2fa4f212d90c725bc8c9bfc87838 100644 (file)
--- a/common/tests/test-hash.c
+++ b/common/tests/test-hash.c
@@ -87,7 +87,7 @@ test_sha1_long (CuTest *cu)
         CuAssertTrue (cu, input != NULL);
         memset (input, 'a', 1000000);
  
-       p11_hash_sha1 (checksum, input, strlen (input), NULL);
+       p11_hash_sha1 (checksum, input, 1000000, NULL);
         CuAssertTrue (cu, memcmp (expected, checksum, P11_HASH_SHA1_LEN) == 0);
  }
  
@@ -179,19 +179,19 @@ test_murmur2_incr (CuTest *cu)
         uint32_t first, second;
  
         p11_hash_murmur2 ((unsigned char *)&first,
-                         "this is the long input!", 23,
+                         "this is the long input!", (size_t)23,
                           NULL);
  
         p11_hash_murmur2 ((unsigned char *)&second,
-                         "this", 4,
-                         " ", 1,
-                         "is ", 3,
-                         "the long ", 9,
-                         "in", 2,
-                         "p", 1,
-                         "u", 1,
-                         "t", 1,
-                         "!", 1,
+                         "this", (size_t)4,
+                         " ", (size_t)1,
+                         "is ", (size_t)3,
+                         "the long ", (size_t)9,
+                         "in", (size_t)2,
+                         "p", (size_t)1,
+                         "u", (size_t)1,
+                         "t", (size_t)1,
+                         "!", (size_t)1,
                           NULL);
  
         CuAssertIntEquals (cu, first, second);
diff --git a/trust/index.c b/trust/index.c

index 6e9a46cf0441077581d93caeb1c8e0273e75b446..1275cd907994fd3a6bcc37c70bf198514ada2f7e 100644 (file)
--- a/trust/index.c
+++ b/trust/index.c
@@ -648,7 +648,7 @@ index_select (p11_index *index,
                 for (j = 1; j < num; j++) {
                         assert (buckets[j]->elem); /* checked above */
                         at = binary_search (buckets[j]->elem, 0, buckets[j]->num, handle);
-                       if (buckets[j]->elem[at] != handle) {
+                       if (at >= buckets[j]->num || buckets[j]->elem[at] != handle) {
                                 handle = 0;
                                 break;
                         }
diff --git a/trust/tests/test-index.c b/trust/tests/test-index.c

index 3cda272b19ab100b96713bdecf59bc236719362f..d58a510f51eb82ca96b6c00424a0523903fc8443 100644 (file)
--- a/trust/tests/test-index.c
+++ b/trust/tests/test-index.c
@@ -539,6 +539,8 @@ test_find_all (CuTest *tc)
         free (check);
  
         /* A double check of this method */
+       one = 0UL;
+       check = &one;
         CuAssertTrue (tc, !handles_are (check, 29292929, 0UL));
         CuAssertTrue (tc, !handles_are (NULL, 0UL));
author	Stef Walter <stefw@gnome.org>
	Wed, 20 Mar 2013 19:59:26 +0000 (20:59 +0100)
committer	Stef Walter <stefw@gnome.org>
	Wed, 20 Mar 2013 21:22:22 +0000 (22:22 +0100)
common/compat.c		patch \| blob \| history
common/tests/test-compat.c		patch \| blob \| history
common/tests/test-hash.c		patch \| blob \| history
trust/index.c		patch \| blob \| history
trust/tests/test-index.c		patch \| blob \| history